BreachExchange mailing list archives
Presbyterian Anesthesia reports data breach affecting nearly 10, 000
From: Erica Absetz <erica () riskbasedsecurity com>
Date: Tue, 14 May 2013 09:42:45 -0400
http://www.charlotteobserver.com/2013/05/13/4039763/presbyterian-anesthesia-reports.html The credit card information of nearly 10,000 people may have been accessed in a data breach at a Charlotte medical practice. Presbyterian Anesthesia Associates has disclosed that a hacker broke through a security flaw of the practice’s website to gain access to a database of personal information, including names, contact information, dates of birth and credit card numbers for 9,988 people. No medical information was compromised, the practice said. Presbyterian Anesthesia notified the FBI, which has launched an investigation, Presbyterian Anesthesia said in a statement. The FBI declined to comment. Presbyterian Anesthesia could not be reached for comment Monday. The practice has hired an identity theft firm to provide free monitoring and insurance for people who were affected. It’s also contracted with a new company to build a more secure website, and an IT security firm to audit its operations. Data breaches have become increasingly common as more financial transactions migrate online. More than 1,500 separate instances involving 4.8 million people in North Carolina have been reported since 2005, according to the N.C. Department of Justice. North Carolina law requires organizations to disclose data breaches to the people affected and to the state justice department. In December, Carolinas HealthCare System disclosed that about 5,600 patients at its Randolph Road location may have had personal information compromised. After upgrading computer software, the hospital system found that an “electronic intruder” gained access to emails sent by the hospital between March and October 2012. CHS said few contained personal information, though about five had Social Security numbers. The hospital provided free credit monitoring and notified state and federal authorities. Earlier last year, UNC Charlotte found that bank account information and Social Security numbers of more than 350,000 students and faculty had been exposed. UNCC brought in law enforcement to investigate but said it did not believe any information had been accessed or used improperly. OBSERVER RESEARCHER MARIA DAVID CONTRIBUTED. _______________________________________________ Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://datalossdb.org/mailing_list Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security equips organizations with security intelligence, risk management services and on-demand security solutions to establish customized risk-based programs to address information security and compliance challenges. Tenable Network Security (http://www.tenable.com/) Tenable Network Security provides a suite of solutions which unify real-time vulnerability, event and compliance monitoring into a single, role-based, interface for administrators, auditors and risk managers to evaluate, communicate and report needed information for effective decision making and systems management.
Current thread:
- Presbyterian Anesthesia reports data breach affecting nearly 10, 000 Erica Absetz (May 14)