BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Update: Data breach affects 4.9M active, retired military personnel

From: security curmudgeon <jericho () attrition org>
Date: Mon, 3 Oct 2011 03:53:29 -0500 (CDT)


---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>

http://www.computerworld.com/s/article/9220398/Update_Data_breach_affects_4.9M_active_retired_military_personnel

By Jaikumar Vijayan
Computerworld
September 29, 2011

Sensitive data including Social Security Numbers, names, addresses, phone 
numbers and personal health data belonging to about 4.9 million active and 
retired U.S. military personnel may have been compromised after backup 
tapes containing the data went missing recently.

The information on the tapes was from an electronic healthcare application 
used to capture patient data. It does not include bank, credit card or 
other financial data, according to a statement released by TRICARE, a 
healthcare system for active and retired military personnel and their 
families.

The breach affects all those who received care at the military's San 
Antonio area military treatment facilities between 1992 and Sept. 7 of 
this year. Those affected include individuals who had filled pharmacy 
prescriptions or had laboratory tests done at any of the facilities, 
TRICARE said.

As is often typical with such incidents, the information on the backup 
tapes does not appear to have been encrypted. But in its statement, 
TRICARE maintained that the risk of the data being misused was low "since 
retrieving the data on the tapes would require knowledge of and access to 
specific hardware and software and knowledge of the system and data 
structure."

[...]
_______________________________________________
Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Learn encryption strategies that manage risk and shore up compliance.
Download Article 1 of CREDANT Technologies' The Essentials Series:
Endpoint Data Encryption That Actually Works
http://credant.com/campaigns/realtime2/gap-LP1/
Previous By Date Next
Previous By Thread Next

Current thread: