BreachExchange mailing list archives
Crescent Healthcare Notifies Individuals of 2012 Data Breach
From: Erica Absetz <eabsetz () opensecurityfoundation org>
Date: Wed, 27 Feb 2013 09:23:03 -0500
http://www.californiahealthline.org/articles/2013/2/26/crescent-healthcare-notifies-individuals-of-2012-data-breach.aspx Last week, Crescent Healthcare -- an Anaheim-based Walgreens company -- began notifying patients and employees of a data breach that occurred late last year, Healthcare IT News reports. Details of the Incident On Dec. 28, 2012, an unknown person or persons broke into Crescent’s billing center and stole computer hardware and paper records, according to a letter notifying patients and employees of the breach. The stolen property could have contained patients': Names; Phone numbers; Dates of birth; Addresses; Social Security numbers; Health insurance data; and Diagnosis information. Comments From Crescent Crescent did not provide information on how many individuals were affected by the breach. Paul Mastrapa, president of Crescent, wrote in the letter, “We are very sorry this happened, and we are cooperating with law enforcement to further investigate this incident.” He added, "Additionally, we have taken steps to [prevent] this from happening again, including retraining employees and service providers on security, and inhaling our security policies and procedures" (McCann, Healthcare IT News, 2/25). _______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://datalossdb.org/mailing_list Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security equips organizations with security intelligence, risk management services and on-demand security solutions to establish customized risk-based programs to address information security and compliance challenges.
Current thread:
- Crescent Healthcare Notifies Individuals of 2012 Data Breach Erica Absetz (Feb 27)