[Fwd: Re: (update): Utah hospital billing records from over 2 million patients stolen]

[Arshad Noor <arshad.noor () strongauth com>]

Even if somebody returned it, it wouldn't mean that the data is
not going to be misused.  Not sure what the point of the meager
reward is, considering their cleanup cost is going to be nearly
3 orders of magnitude larger.

Arshad Noor
StrongAuth, Inc.

-------- Original Message --------
Subject:        Re: [Dataloss] (update): Utah hospital billing records from
over 2 million patients stolen
Date:   Tue, 10 Jun 2008 17:48:39 -0400
From:   David Metcalf <dmetcalf () mcraemetcalf com>
To:     'lyger' <lyger () attrition org>, <dataloss () attrition org>

I cannot believe that they are only offering a $1,000 reward for return
of the tapes "no questions asked."

http://healthcare.utah.edu/publicaffairs/news/current/billing_theft.html

The website of the security company that lost the tapes is also
interesting.  It shows impressive pictures of their storage vault which
was “designed to be an impregnable fortress” and can even withstand a
nuclear blast.  Unfortunately, the employee never made it that far.

http://www.perpetualstorage.com/index_home.htm

Another example of human error overcoming the most rugged technological
precautions.  Or as Mom used to say, “No system is fool proof.”

David

-----Original Message-----
From: dataloss-bounces () attrition org
[mailto:dataloss-bounces () attrition org] On Behalf Of lyger
Sent: Tuesday, June 10, 2008 5:07 PM
To: dataloss () attrition org
Subject: [Dataloss] (update): Utah hospital billing records from over 2
million patients stolen

http://www.kutv.com/content/news/local/story.aspx?content_id=76de0817-3ffe-4f8e-9764-506795954fa1

Billing records of 2.2 million patients at the University of Utah
Hospitals and Clinics were stolen from a vehicle after a courier
failed to immediately take them to a storage center, authorities
said Tuesday.

The records, described only as backup information tapes, contained
Social Security numbers of 1.3 million people treated at the
university over the last 16 years, said Lorris Betz, senior vice
president for health sciences.

Betz said people would be notified by a letter at a cost of $500,000
just for stamps and envelopes. The hospital also pledged free credit
monitoring.

_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss

Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml

_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss

Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml