BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Records of 2, 000 Westerly Hospital patients posted online

From: Dissent <Dissent () pogowasright org>
Date: Thu, 01 Mar 2007 18:18:58 -0500
http://www.boston.com/news/local/rhode_island/articles/2007/03/01/records_of_2000_westerly_hospital_patients_posted_online/


WESTERLY, R.I. --Two-thousand patients at Westerly Hospital had their 
names, Social Security numbers and medical records posted on a 
publicly accessible Web site, and the hospital said it doesn't know who did it.

"We don't know why it happened. We don't know how it happened. But we 
will," hospital President and CEO Charles Kinney told The Westerly Sun.

The Web site included detailed information about patients' surgical 
procedures and medical histories, as well as people's home addresses 
and insurance information.

The hospital said not all its patients are affected, and the breach 
likely only extended to patients seen during certain days in January. 
The Sun reported patients it contacted had been at the hospital on 
three separate days.

Westerly Police learned of the problem on Wednesday afternoon when a 
woman looked up her phone number on the Internet search engine Google 
and found a link to the site. Police called the hospital, then the 
FBI and State Police.

The hospital worked with several Internet companies, including Yahoo 
Inc., to take the site down, and it was taken offline five hours 
later, according to the Sun. It's not clear how long the site was up 
or how many people saw the information.

Kinney said there was a breach in the hospital's computer database 
system that allowed hackers to access the information. The hospital 
plans to send a letter to every affected patient as soon as possible, 
Kinney said.

Messages left with the FBI, State Police and Westerly police were not 
immediately returned Thursday.

--
Main site: http://www.pogowasright.org
Main RSS feed: http://www.pogowasright.org/backend/pogowasright.rss
Breaches RSS feed: http://www.pogowasright.org/backend/breaches.rss 

_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss
Tracking more than 149 million compromised records in 591 incidents over 7 years.
Previous By Date Next
Previous By Thread Next

Current thread: