Clinic Corruption: Hospital Identity Theft

[Erica Absetz <eabsetz () opensecurityfoundation org>]

http://www.kutv.com/news/top-stories/stories/vid_4077.shtml

(KUTV) There are very few places off-limits for identity thieves. They
don’t really care how they get your information—even if you’re sitting
in a hospital. One woman found that out the hard way.

"The dream was gone. Everything we worked for, gone,” Elsy, a victim
of identity theft, says.

Elsy was devastated after discovering the money she and her husband
had been saving for a new home had been stolen from their bank
account.

"They got our personal information from the medical facility where my
husband was getting treatment for leukemia,” she says.

While Elsy's husband underwent chemotherapy, an employee of the
medical clinic was stealing his personal information from his check-in
forms.

"When we found out that money was gone, I dropped to my knees because
it terrified me that everything was going to be gone,” Elsy explains.

"It's rather heart wrenching that someone would take advantage of
somebody in that condition,” says US Postal Inspector Frank Schissler.

US postal inspectors began investigating Elsy's case and found there
more than 35 other patients who had also had their personal
information compromised.

"They feel violated I'm sure since their information was stolen,
especially during such a vulnerable time in their lives,” Schissler
says.

One way to stop the thieves like the ones in this case: always monitor
your credit card statements and check your credit once a year. Also,
be aware, "If you get a call from a hospital, bank or credit card
company asking for your personal information do not give it out over
the phone. Unless its' a call you initiated they shouldn't be asking
for that information they should already have that information,”
Schissler says.

This story has a happy ending; authorities were able to recover Elsy's money.

"My husband and I are good, we have a home and he hit the cancer free
mark, and we have our 6th grandchild on the way. We're doing great,”
Elsy says.

Four people were prosecuted in this case—the hospital employee, his
nephew, his nephew's girlfriend and that girlfriend's neighbor. Only
the nephew has been sentenced. He'll be behind bars for the next five
years.

(Copyright 2013 Sinclair Broadcasting Group)
_______________________________________________
Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges. 

Tenable Network Security (http://www.tenable.com/)
Tenable Network Security provides a suite of solutions which unify real-time
vulnerability, event and compliance monitoring into a single, role-based, interface
for administrators, auditors and risk managers to evaluate, communicate and
report needed information for effective decision making and systems management.