BreachExchange mailing list archives
follow-up: Army Hospital Breach May Be Result of P2P Leak
From: security curmudgeon <jericho () attrition org>
Date: Thu, 5 Jun 2008 08:57:07 +0000 (UTC)
---------- Forwarded message ---------- From: InfoSec News <alerts () infosecnews org> http://www.darkreading.com/document.asp?doc_id=155501 By Tim Wilson Site Editor Dark Reading June 3, 2008 Peer-to-peer (P2P) applications may have been the culprit in a security breach that has exposed the personal information of more than 1,000 patients at Walter Reed Hospital, according to early reports. Names, Social Security numbers, birth dates, and other information was exposed through a single computer file, hospital officials said Monday. The file did not include information such as medical records, or the diagnosis or prognosis for patients, they said in an Associated Press report [1]. The officials declined to discuss the nature of the breach with AP, citing an ongoing investigation. However, according to an industry news report [2], Col. Patricia Horoho, commander of the Walter Reed Health Care System, posted a Website message yesterday which suggests a potential P2P leak. "I need everyone to ensure that they are not loading or downloading programs that are not authorized by the command as it increases our vulnerability and possibly can cause a breach in protected information being shared," the message said. Horoho's message has since been pulled from the Walter Reed site, but the trade journal managed to get a screen capture [3] before the message disappeared. [..] _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tenable Network Security offers data leakage and compliance monitoring solutions for large and small networks. Scan your network and monitor your traffic to find the data needing protection before it leaks out! http://www.tenablesecurity.com/products/compliance.shtml
Current thread:
- follow-up: Army Hospital Breach May Be Result of P2P Leak security curmudgeon (Jun 05)