Digital Identity Blog

Thought leadership for cybersecurity, fraud and digital channel professionals

Breaches Bad for Californians’ Health. Patients’ Personal Medical Record Data Stolen in 3 Separate Incidents

By ThreatMetrix
ThreatMetrix®, The Digital Identity Company®, is the market-leading cloud solution for authenticating digital personas and transactions on the Internet. Verifying more than 20 billion annual transactions supporting 30,000 websites and 4,000 customers globally through the ThreatMetrix Digital Identity Network®, ThreatMetrix secures businesses and end users against account takeover, payment fraud and fraudulent account registrations resulting from malware and data breaches.
Follow ThreatMetrix ThreatMetrix's Most Recent Posts:

Old-fashioned burglary to cutting-edge malware put patients’ data at risk from one end of California to the other.

The Los Angeles Times reported that Torrance, California’s Sutherland Healthcare Solutions, a medical billing and collections company, was burglarized and eight computers taken. Data stored on those computers included 338,700 patients’ first and last names, Social Security numbers and certain billing information. Also possibly compromised were birth dates, addresses and diagnoses.

Patients were offered free credit monitoring. That didn’t stop the filing of three class-action suits. Meanwhile, the police, the L.A. County D.A.’s cybercrime team and the U.S. Secret Service are investigating.

Writing on, Ashley Gold reports that in Orange County, the La Palma Intercommunity Hospital learned in September 2012 that an employee, who was not authorized, accessed Social Security numbers, driver’s license numbers, addresses, birth dates and some medical information. However the hospital didn’t notify patients of the employee’s spying for more than a year.

At the other end of the state, in Northern California, Kaiser Permanente told 5,100 patients, who participated in a research study, that their information was compromised when malicious software infected a Kaiser server. The stolen data included first and last names, addresses, race/ethnicity, medical record numbers, lab results and responses to the study. And, according to Government Health IT, it took Kaiser more than two and half years to discover the breach.

A recent report by IT security audit firm Redspin noted that more than 7 million patient records were breached last year, an increase of 138 percent from 2012.

By ThreatMetrix Posted