BreachExchange mailing list archives
Re: (update): Utah hospital billing records from over 2 million patients stolen
From: Dean Brunson <dean.brunson () utah edu>
Date: Wed, 11 Jun 2008 09:19:42 -0600
A sad note here is that Perpetual Storage hadn't lost a single record in over 40 years, until this one employee came along. No one here has said why he was using his own car. Company policy is that personal vehicles are never used. And taking the tapes home overnight, and leaving the cash box that contained the tapes in plain sight... the employee is now former- he was fired immediately. Local news has reported that local law enforcement and the FBI are both involved in the investigation, but they haven't yet decided whether to file any charges. Charges or not, the former employee should not be able to get bonded in the future. This guy would never be able to pay restitution for his actions -- they're telling us that the cost of stamps and envelopes will be in the neighborthood of half a million dollars. I don't know who's paying for that -- the University, or Perpetual Storage. I suspect the University will pay, and then approach Perpetual Storage after the fact. And for the time being, no backup tapes are being kept on site. Unfortunately, that's a good news / bad news kind of solution, but if they resumed the Perpetual Storage solution, or found someone else for off-site storage, and more records were lost, I'm sure there'd be blood-letting among senior management. Oh, and the $1,000 reward versus the $500,000 bill for stamps and envelopes -- I don't get that, either. Dean B David Metcalf wrote:
I cannot believe that they are only offering a $1,000 reward for return of the tapes "no questions asked." http://healthcare.utah.edu/publicaffairs/news/current/billing_theft.html The website of the security company that lost the tapes is also interesting. It shows impressive pictures of their storage vault which was “designed to be an impregnable fortress” and can even withstand a nuclear blast. Unfortunately, the employee never made it that far. http://www.perpetualstorage.com/index_home.htm Another example of human error overcoming the most rugged technological precautions. Or as Mom used to say, “No system is fool proof.” David -----Original Message----- From: dataloss-bounces () attrition org [mailto:dataloss-bounces () attrition org] On Behalf Of lyger Sent: Tuesday, June 10, 2008 5:07 PM To: dataloss () attrition org Subject: [Dataloss] (update): Utah hospital billing records from over 2 million patients stolen http://www.kutv.com/content/news/local/story.aspx?content_id=76de0817-3ffe-4f8e-9764-506795954fa1 Billing records of 2.2 million patients at the University of Utah Hospitals and Clinics were stolen from a vehicle after a courier failed to immediately take them to a storage center, authorities said Tuesday. The records, described only as backup information tapes, contained Social Security numbers of 1.3 million people treated at the university over the last 16 years, said Lorris Betz, senior vice president for health sciences. Betz said people would be notified by a letter at a cost of $500,000 just for stamps and envelopes. The hospital also pledged free credit monitoring. [...] _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tenable Network Security offers data leakage and compliance monitoring solutions for large and small networks. Scan your network and monitor your traffic to find the data needing protection before it leaks out! http://www.tenablesecurity.com/products/compliance.shtml ------------------------------------------------------------------------ _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tenable Network Security offers data leakage and compliance monitoring solutions for large and small networks. Scan your network and monitor your traffic to find the data needing protection before it leaks out! http://www.tenablesecurity.com/products/compliance.shtml
_______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tenable Network Security offers data leakage and compliance monitoring solutions for large and small networks. Scan your network and monitor your traffic to find the data needing protection before it leaks out! http://www.tenablesecurity.com/products/compliance.shtml
Current thread:
- Utah hospital billing records from over 2 million patients stolen Jake Schroeder (Jun 10)
- (update): Utah hospital billing records from over 2 million patients stolen lyger (Jun 10)
- Re: (update): Utah hospital billing records from over 2 million patients stolen David Metcalf (Jun 10)
- Re: (update): Utah hospital billing records from over 2million patients stolen Max Hozven (Jun 10)
- Re: (update): Utah hospital billing records from over2million patients stolen Alex Joannou (Jun 10)
- Re: (update): Utah hospital billing records fromover2million patients stolen DAIL, WILLARD A (Jun 10)
- Re: (update): Utah hospital billing records from over 2 million patients stolen David Metcalf (Jun 10)
- Message not available
- Re: (update): Utah hospital billing records from over 2million patients stolen Max Hozven (Jun 10)
- (update): Utah hospital billing records from over 2 million patients stolen lyger (Jun 10)
- Re: (update): Utah hospital billing records from over 2 million patients stolen Dean Brunson (Jun 11)