BreachExchange mailing list archives
KY: retiree data sent without proper security
From: kirniki <kirniki () gmail com>
Date: Wed, 18 Mar 2009 16:51:01 -0400
http://www.courier-journal.com/article/20090318/NEWS01/90318044/1008 FRANKFORT, Ky. — Names, dates of birth and Social Security numbers of roughly 28,000 state retirees were e-mailed to the Kentucky Retirement Systems without being properly encrypted for security purposes by its pharmacy benefit provider. The likelihood of any harm is “minimal,” but there is a “remote” possibility that the records were accessible while being transmitted, the Walgreens Health Initiative said in a letter it sent to retirees’ affected by the incident. Walgreens is taking sole responsibility for the problem, according to the letter. Mike Burnside, executive director of the retirement systems, said officials have no reason to believe the data fell into the wrong hands. Walgreens said in the letter that it sent the file to a “single and proper” contact at KRS and that it confirmed that person received the e-mail. The e-mail contained dates of birth, Social Security numbers and health insurance claim numbers but not personal health information. [..] _______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) CREDANT Technologies, a leader in data security, offers advanced data encryption solutions. Protect sensitive data on desktops, laptops, smartphones and USB sticks transparently across your enterprise to ensure regulatory compliance. http://www.credant.com/stopdataloss
Current thread:
- KY: retiree data sent without proper security kirniki (Mar 18)