Original URL: http://www.theregister.co.uk/2005/04/11/idtheft_hospital/

US hospital loses patient info

Oh dear, oh dear

By John Oates

Posted in Security, 11th April 2005 10:48 GMT

Patients from the San Jose Medical Group are feeling even sicker this morning - the organisation has lost personal and confidential information on 185,000 current and ex-patients.

Patient records and financial details were downloaded from secure servers and put on two Dell desktop machines. The information was related to customer billing and was needed for the firm's annual audit. But on the night of 28 March someone got into the building and stole the two PCs and a monitor.

The hospital believes the thieves were interested in the computers themselves rather than information they contained. The medical group is following Californian law by warning patients whose information has been put at risk. The hospital has improved security since the break-in and installed CCTV cameras.

Some of the data on the stolen machines was encrypted because the hospital is in the middle of improving data security.®

Related stories

ID theft is inescapable
Big company, crap security
Fraudsters expose 100,000 across US