From: security curmudgeon (jerichoattrition.org)
Date: Thu Jun 05 2008 - 03:57:07 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---------- Forwarded message ----------
From: InfoSec News <alertsinfosecnews.org>

http://www.darkreading.com/document.asp?doc_id=155501

By Tim Wilson
Site Editor
Dark Reading
June 3, 2008

Peer-to-peer (P2P) applications may have been the culprit in a security
breach that has exposed the personal information of more than 1,000
patients at Walter Reed Hospital, according to early reports.

Names, Social Security numbers, birth dates, and other information was
exposed through a single computer file, hospital officials said Monday.
The file did not include information such as medical records, or the
diagnosis or prognosis for patients, they said in an Associated Press
report [1].

The officials declined to discuss the nature of the breach with AP, citing
an ongoing investigation. However, according to an industry news report
[2], Col. Patricia Horoho, commander of the Walter Reed Health Care
System, posted a Website message yesterday which suggests a potential P2P
leak.

"I need everyone to ensure that they are not loading or downloading
programs that are not authorized by the command as it increases our
vulnerability and possibly can cause a breach in protected information
being shared," the message said. Horoho's message has since been pulled
from the Walter Reed site, but the trade journal managed to get a screen
capture [3] before the message disappeared.

[..]
_______________________________________________
Dataloss Mailing List (datalossattrition.org)
http://attrition.org/dataloss

Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]