BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Beth Israel suffers large data breach

From: security curmudgeon <jericho () attrition org>
Date: Tue, 24 Jul 2012 11:28:06 -0500 (CDT)


---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>

http://www.cmio.net/index.php?option=com_articles&view=article&id=34638:beth-israel-suffers-large-data-breach

By Beth Walsh
CMIO.net
July 23, 2012

Beth Israel Deaconess Medical Center (BIDMC) in Boston is in the process 
of notifying approximately 3,900 patients of a potential breach of 
protected health information (PHI) as a result of a physician's stolen 
personal laptop computer.

The computer was stolen from the office of a BIDMC physician on May 22. 
The computer, which contained a tracking device, has not been recovered 
nor has the tracking device been activated.

In addition to notifying law enforcement, which arrested a suspect in the 
theft, BIDMC engaged a national forensic firm to investigate whether data 
were compromised.

There has been no indication that any information has been misused. The 
laptop contained files that included short summaries of medical 
information used for administrative purposes within BIDMC, but did not 
contain complete medical records and did not contain patient financial 
information such as Social Security numbers. The stolen laptop also 
contained approximately 230 administrative employee records.

[...]
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges. 

Tenable Network Security (http://www.tenable.com/)
Tenable Network Security provides a suite of solutions which unify real-time
vulnerability, event and compliance monitoring into a single, role-based, interface
for administrators, auditors and risk managers to evaluate, communicate and
report needed information for effective decision making and systems management.
Previous By Date Next
Previous By Thread Next

Current thread: