Update: Data breach affects 4.9M active, retired military personnel

[InfoSec News <alerts () infosecnews org>]

http://www.computerworld.com/s/article/9220398/Update_Data_breach_affects_4.9M_active_retired_military_personnel

By Jaikumar Vijayan
Computerworld
September 29, 2011

Sensitive data including Social Security Numbers, names, addresses, 
phone numbers and personal health data belonging to about 4.9 million 
active and retired U.S. military personnel may have been compromised 
after backup tapes containing the data went missing recently.

The information on the tapes was from an electronic healthcare 
application used to capture patient data. It does not include bank, 
credit card or other financial data, according to a statement released 
by TRICARE, a healthcare system for active and retired military 
personnel and their families.

The breach affects all those who received care at the military's San 
Antonio area military treatment facilities between 1992 and Sept. 7 of 
this year. Those affected include individuals who had filled pharmacy 
prescriptions or had laboratory tests done at any of the facilities, 
TRICARE said.

As is often typical with such incidents, the information on the backup 
tapes does not appear to have been encrypted. But in its statement, 
TRICARE maintained that the risk of the data being misused was low 
"since retrieving the data on the tapes would require knowledge of and 
access to specific hardware and software and knowledge of the system and 
data structure."

[...]


_____________________________________________________________
FINAL CALL to register #HITB2011KUL - Asia's premier
deep-knowledge network security event now in it's 9th year!
http://conference.hitb.org/hitbsecconf2011kul/