Health Insurer Notifies More Than 409, 000 Of Potential Breach

[security curmudgeon <jericho () attrition org>]

---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>

http://www.darkreading.com/database_security/security/privacy/showArticle.jhtml?articleID=224600001

By Tim Wilson
DarkReading
April 21, 2010

Affinity Health Plan, a New York managed care service, is notifying more 
than 400,000 current and former customers employees that their personal 
data may have been leaked through the loss of an unerased digital copier 
hard drive.

According to a press releasequietly issued earlier this month, some 
personal records were found on the hard drive of a copier found in a New 
Jersey warehouse. The copier had previously been leased by Affinity and 
was then returned to the leasing company, the release states.

The disclosure follows the airing of a CBS News report which calls 
attention to the practice of recycling or resale of copiers whose hard 
drives have not been properly erased.

The report showed the discovery of numerous medical records found on 
warehoused digital copiers. An executive at a company that makes 
hard-drive-erasure products used a free forensics tool to glean the data 
from one of the copiers in the CBS News report.

[...]
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.
http://www.credant.com/campaigns/ebook-chpt-one-web.php