BreachExchange mailing list archives
insider theft of information
From: Henry Brown <hbrown () knology net>
Date: Fri, 15 Feb 2008 09:38:53 -0600
MAYBE an Expansion of a previously "announced" data breech http://www.beaufortgazette.com/local/story/190720.html Identity thief had access to area information BLUFFTON -- A former employee of a locally connected national hospital chain who was convicted of identity theft had access to the personal information of about 37,000 patients, according to a company spokesman. Tenet Healthcare Corp. owns 54 hospitals in a dozen states, including Hilton Head Regional Medical Center and Coastal Carolina Medical Center. The company mailed letters last week announcing the security breach to anyone who could have been affected, said spokesman Steven Campanini. Tenet also informed victims how to set up free fraud alerts at the nation's three major credit bureaus. "There's an annoyance factor and we apologize for that," Campanini said. "We recognize consumer privacy is very important and take it very seriously." The ex-employee worked at a Frisco, Texas, billing center for less than two years, and is confirmed to have stolen the names, Social Security numbers and other personal information of about 90 patients, Campanini said. The company has paid to monitor the credit reports of those victims. Terrence Brooks, 30, had access to 37,000 other accounts, less than 1 percent of the 4 million handled at the billing center, the company said. Brooks was arrested Nov. 25 in Arlington, Texas, where he was trying to obtain a credit card using information he stole at his job, authorities said. An employee called police and Brooks was arrested on the spot on misdemeanor traffic warrants, according to a police spokesman and Tenet. He pleaded guilty last month to five counts of fraudulent use and possession of identification information and was sentenced to nine months in prison. He had passed a background check to get the Tenet job. Brooks was immediately fired when the company learned of his arrest. "What's challenging in this situation is there was an employee intent on committing fraud," Campanini said. "No company can prevent that, but we can have practices in place to immediately address it when it does occur, and that's what we did." [...] _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tenable Network Security offers data leakage and compliance monitoring solutions for large and small networks. Scan your network and monitor your traffic to find the data needing protection before it leaks out! http://www.tenablesecurity.com/products/compliance.shtml
Current thread:
- insider theft of information Henry Brown (Feb 15)