BreachExchange mailing list archives
Number of veterans whose personal information was put at risk nearly triples in a month
From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Mon, 23 Mar 2015 19:05:58 -0600
http://www.fiercegovernmentit.com/story/number-veterans-whose-personal-information-was-put-risk-nearly-triples-mont/2015-03-19 Between January and February, the number of veterans who had personal information affected by data breaches nearly tripled, according to a new report. Last month, 891 veterans were affected, 770 in relation to protected health information incidents, according to the Veterans Affairs Department's monthly data breach report (pdf). The previous month's report (pdf) shows that 310 veterans were affected and 242 incidents were related to health information. Some of the exposures resulted from mismailings by VA. For instance, one case from Feb. 4 states that Patient A received a prescription intended for Patient B because of a packing error at the Great Lakes Consolidated Mail Outpatient Pharmacy. "The CMOP employee will be counseled and retrained in proper packing procedures," the report states. On Feb. 10, a former VA employee acting as a whistleblower gave a reporter a waitlist that included the last four digits of Social Security numbers, clinic names, scheduled dates and possibly first and last names. "The media used the list in reporting a story and had stated 'they have redacted protected health information (PHI)' to protect the Veterans. However, it is unknown when and who redacted the information and how many unredacted lists could still be at large," the report states. "This incident occurred in the Sleep Clinic, a clinic which previously had two missing laptops this year. It is unknown if this is related, but it is possible." The latest report also states that more than 4.3 million intrusion attempts were blocked, more than 930 million malware attacks were blocked or contained, and about 68.3 million suspicious or malicious email messages were blocked. Moreover, the number of mishandled incidents rose from 92 in January to 118 in February, although the number of lost and stolen devices fell from 45 to 36. VA has been plagued by data breaches in recent years. As a result, the department is required to submit IT security reports to Congress.
_______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss For inquiries regarding use or licensing of data, e-mail sales () riskbasedsecurity com Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus on the right security. If you need security help or want to provide real risk reduction for your clients contact us!
Current thread:
- Number of veterans whose personal information was put at risk nearly triples in a month Audrey McNeil (Mar 31)