State worker sent 17, 743 Medicaid records to personal account

[Erica Absetz <erica () riskbasedsecurity com>]

http://www.poughkeepsiejournal.com/article/20130715/NEWS12/130715020/State-worker-sent-17-743-Medicaid-records-to-personal-account

A state employee was placed on leave after emailing thousands of
private Medicaid records to his personal email account, state Medicaid
Inspector General James Cox announced today.

The security breach happened on Oct. 12 of last year, when the
employee -- who worked for Cox's office -- sent 17,743 records to the
account, according to the state. Cox said the person acted without
telling anyone in his office.

“(The Office of the Medicaid Inspector General) expects all employees
to act in a professional, ethical manner while in the workplace, and
will not tolerate behavior that leads to the release of confidential
information,” Cox said in a statement.

Cox's office said the information sent may have included names,
birthdays, Medicaid numbers and Social Security numbers. Each person
whose information was exposed has been notified, according to the
state, and each can receive free credit monitoring for a year.

The employee, who was not named by the state, is set to remain on paid
leave while the state inspector general conducts a probe of the
incident.

The state has set up a toll-free number to respond to questions about
the breach -- 1-855-809-7205 -- as well as an email
address,security () omig ny gov.
_______________________________________________
Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss-discuss

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges.