Stanford Hospital blames contractor for data breach

[security curmudgeon <jericho () attrition org>]

---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>

http://www.computerworld.com/s/article/9220626/Stanford_Hospital_blames_contractor_for_data_breach

By Jaikumar Vijayan
Computerworld
October 6, 2011

Stanford Hospital & Clinics this week blamed a third party billing 
contractor for a data breach that exposed the personal data of some 20,000 
patients.

Stanford release a statement blaming the contractor just a week after it 
was hit with a $20 million lawsuit related to the breach, which the Palo 
Alto, Calif. health care provider disclosed in September.

The lawsuit was filed in Los Angeles Superior Court Sept. 28 by one of the 
affected patients, Shana Springer, who is seeking $1,000 per compromise 
record, or $20 million.

Stanford last month disclosed that a spreadsheet being handled by a third 
party billing contractor, Multi Specialties Collection Services (MSCS), 
was somehow posted on Student of Fortune, a website that lets students 
solicit homework help for a fee.

[...]
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Learn encryption strategies that manage risk and shore up compliance.
Download Article 1 of CREDANT Technologies' The Essentials Series:
Endpoint Data Encryption That Actually Works
http://credant.com/campaigns/realtime2/gap-LP1/