Health Incidents Lead Breach Roundup

Nursing Home Records Stolen; E-Mail Woes at Kaiser-Permanente
Health Incidents Lead Breach Roundup

In this week's breach roundup, records for nursing home patients in Illinois were stolen, and Kaiser-Permanente reveals an e-mail error.

See Also: Your Complete Guide to Healthcare Managed Defense

Nursing Home Resident Info Stolen

The Illinois Department of Healthcare and Family Services is notifying 508 nursing home residents that their personal information was exposed after a briefcase was stolen from the home of a contractor, according to local news reports.

Although it's unclear whether the briefcase contained paper or electronic documents, information exposed included names, Social Security numbers, Medicaid recipient numbers and birthdates. The contractor was assessing nursing facility residents, reports said.

State health department representatives are meeting with affected individuals to explain the incident and recommend that they register for fraud alerts.

Kaiser Permanente Reveals E-Mail Error

The multi-state healthcare organization Kaiser Permanente is notifying an undisclosed number of former employees of a breach that exposed Social Security numbers. An employee in the organization's Northern California region recruitment department mistakenly e-mailed to a person not authorized to receive the information a list of former Northern California employees who left the organization between 1990 and 2006.

The incident occurred on Aug. 24, according to a copy of the notification letter. The list contained names and Social Security numbers, among other information, the letter states.

The unintended recipient has been cooperative, according to Kaiser Permanente, An analysis was conducted by the organization's IT security department to confirm that the recipient deleted the information and that the information had not been further e-mailed or printed.

"As a result of our investigation, we believe it is highly unlikely that your information has been, or will be used for unlawful purposes," the letter said.

HSBC Notifies Customers of Insider Breach

HSBC, a British multi-national bank, has notified an undisclosed number of U.S. customers about an incident involving an employee who resigned and stole sensitive account information.

Compromised information includes names, phone numbers, account numbers and account types, according to a sample customer notification letter provided to California's Office of the Attorney General.

"HSBC takes this very seriously and we believe your personal information may have been exposed to a third party," the letter said.

Affected customers are being urged to place a fraud alert on their credit files.

Hackers Target Australian Pizza Hut Site

Pizza Hut Australia confirmed that its website was the victim of a hacker attack that exposed information about customers, according to news reports.

General Manager Graeme Houston said in a statement that the breach exposed customer names and contact information, including e-mail addresses. He assured customers that no credit card information was stolen. But the hackers, who also defaced the website's homepage and posted a message, claimed that they were able to obtain 240,000 Australian credit cards.

Pizza Hut didn't say how many customers were affected, but the hackers said they were able to obtain credentials on 60,000 customers.

The incident has been reported to the Office of the Australian Information Commissioner.


About the Author

Jeffrey Roman

Jeffrey Roman

News Writer, ISMG

Roman is the former News Writer for Information Security Media Group. Having worked for multiple publications at The College of New Jersey, including the College's newspaper "The Signal" and alumni magazine, Roman has experience in journalism, copy editing and communications.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.