From: InfoSec News (alertsinfosecnews.org)
Date: Fri Oct 02 2009 - 04:36:52 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://www.computerworld.com/s/article/9138723/Express_Scripts_700_000_notified_after_extortion?taxonomyId=17

By Robert McMillan
September 30, 2009
IDG News Service

Nearly a year after being hacked by computer extortionists, pharmacy
benefits management company Express Scripts now says hundreds of
thousands of members may have had their information breached because of
the incident.

Last November, the company reported that someone had threatened to
expose millions of customer prescription records, but it has come under
criticism for being vague about how many of its customers' records were
accessed. Now the company says that about 700,000 have been notified.

The trouble started for the St. Louis-based company in October 2008,
when it received a letter containing the names, birth dates, Social
Security numbers and prescription data of 75 patients. The extortionists
threatened to turn the information public if they weren't paid. Express
Scripts refused and instead notified the U.S. Federal Bureau of
Investigation. The company is now offering a US$1 million reward for
information leading to the arrest of the perpetrators.

Express Script has not said how the criminals managed to get hold of the
data, but in an e-mailed statement the company said that "there have
been no reported cases of misuse of member information resulting from
the incident."

[...]

________________________________________
Did a friend send you this? From now on, be the
first to find out! Subscribe to InfoSec News
http://www.infosecnews.org

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]