From: security curmudgeon (jerichoattrition.org)
Date: Mon Oct 20 2008 - 02:32:52 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---------- Forwarded message ----------
From: InfoSec News <alertsinfosecnews.org>

http://www.fredericksburg.com/News/FLS/2008/102008/10192008/418223

BY JIM HALL
The Free Lance-Star
10/19/2008

A security breach in an online computer system at Mary Washington Hospital
exposed the private medical information of some of its maternity patients.

A man who tried to use the Fredericksburg hospital's online registration
system for his expectant wife said the files for 803 patients were
publicly available on the site.

On Friday, a hospital official described the breach as an "anomaly."

She said the man was the only person to see the files, that he opened only
two of them and that he did not print or download any data.

"We believe that this is a one-time incident," said Kathleen Allenbaugh,
hospital spokeswoman.

Hospital officials first learned of the breach when a Spotsylvania County
sheriff's deputy notified them that the online registration feature at the
MediCorp.org Web site was not working correctly.

Rebecca and Gary Dennison, a Spotsylvania couple, had contacted police
after learning that their private medical information was visible on the
site.

[...]
_______________________________________________
Dataloss Mailing List (datalossdatalossdb.org)

Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]