BreachExchange mailing list archives
University of Pittsburgh Medical Center
From: Dissent <Dissent () pogowasright org>
Date: Thu, 12 Apr 2007 09:30:15 -0400
http://www.pittsburghlive.com/x/pittsburghtrib/news/cityregion/s_502354.html The University of Pittsburgh Medical Center was trying to figure out how private information for about 80 patients, including names and Social Security numbers and even radiology images of their bodies, wound up on the Internet. The information was first put on the Web inadvertently in 2005 then taken down. The information from a medical symposium held in 2002 was posted on an area of the Web site where the health system's faculty members are encouraged to share their work and other data, UPMC said in a statement Thursday. Once the health network discovered patient names and other information were included, it was removed, but somehow it was posted again and remained on the Web site until UPMC was notified again on Tuesday, said Robert Cindrich, a former federal judge who now serves as UPMC's chief attorney. UPMC was notifying the patients affected and offering to pay for credit protection services, just in case the information might have been used by identity thieves. No financial information about patients was posted, nor were patient addresses or other contact information. [...] A copy of UPMC's full release appears at the bottom of the story. -- Main site: http://www.pogowasright.org Main RSS feed: http://www.pogowasright.org/backend/pogowasright.rss Breaches RSS feed: http://www.pogowasright.org/backend/breaches.rss _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tracking more than 207 million compromised records in 620 incidents over 7 years.
Current thread:
- University of Pittsburgh Medical Center Dissent (Apr 12)