[ISN] Medical diagnoses for 130,000 people vanish into thin air

From: InfoSec News <alerts_at_private>
Date: Thu, 1 Jul 2010 00:50:16 -0500 (CDT)
http://www.theregister.co.uk/2010/06/30/patient_data_exposed/

By Dan Goodin in San Francisco
The Register
30th June 2010

New York-based Lincoln Medical and Mental Health Center has become one 
of the latest medical providers to expose highly sensitive patient data 
after CDs containing unencrypted data sent by FedEx never made it to 
their destination.

The breach exposed medical and psychological diagnoses and procedures 
for 130,495 patients, according to a notification posted Tuesday. The 
CDs, which remain missing despite an investigation that was launched in 
early April, also contained names, addresses, social security numbers 
medical record numbers, dates of birth and other details that are 
regularly snarfed up by identity thieves.

In a letter sent to affected patients (PDF), hospital officials said 
they have no knowledge the missing information has been accessed by 
anyone.

Lincoln's notification to the US Department of Health website came the 
same day officials at the University of Maine said sensitive details for 
4,585 individuals who sought services at the school's counseling center 
have been stolen by hackers who compromised two servers. The exposed 
data included names, clinical information and social security numbers 
for people who used the service over an eight-year span ending last 
week.

[...]


_________________________________________________________________
Attend Black Hat USA 2010, hosted at Caesars Palace in Las Vegas, Nevada
July 24-29th, offering over 60 training sessions and 11 tracks of Briefings
from security industry elite. To sign up visit http://www.blackhat.com
Received on Wed Jun 30 2010 - 22:50:16 PDT

This archive was generated by hypermail 2.2.0 : Wed Jun 30 2010 - 23:01:25 PDT