PHI of 485K swiped in USPS data breach

[InfoSec News <alerts () infosecnews org>]

http://www.healthcareitnews.com/news/phi-485k-swiped-usps-data-breach

By Erin McCann
Managing Editor
Healthcare IT News
January 5, 2015

What United States Postal Service officials originally reported as a 
"cybersecurity intrusion" that compromised the Social Security numbers of 
some 800,000 USPS employees, turned out to be even bigger than they 
thought, involving scores of protected health records too.

The cyberattack, which targeted USPS information systems, compromised 
employee Social Security numbers, addresses and dates of birth. However, 
upon a "continuing" investigation, USPS officials discovered the 
cyberattack also involved a compromise of current and former employee 
injury claim data, according to a USPS patient notification letter 
provided to Healthcare IT News.

The file hacked contained injury compensation claims dating as far back as 
November 1980.

"We are unaware of any evidence that any of the compromised employee 
information has been used to engage in any malicious activity, such as 
identity theft crimes," wrote Jeffrey Williamson, USPS chief human 
resources officer, in the Dec. 10 letter.

[...]



--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/