Lakeview Medical Center


Location

Rice Lake, WI
United States
45° 30' 21.8448" N, 91° 44' 17.61" W
Date Breach Made Public: 
February 10, 2012
geo: 
Rice Lake, WI
United States
Records Breached: 

500

More than 500 patients of Lakeview Medical Center homecare and hospice programs had their personal information exposed by the theft of a laptop.  The laptop was stolen from a car belonging to a Lakeview nurse.  It contained names, Social Security numbers, dates of birth, home addresses, medicare ID numbers, and diagnostic information. It is unclear when the laptop was stolen, but the nurse who was involved no longer works for Lakeview.

Source: 
PHIPrivacy.net

Piedmont Behavioral Healthcare (PBH), Alamance-Caswell LME (AC LME)


Location

Concord, NC
United States
35° 24' 31.5072" N, 80° 34' 46.2396" W
Date Breach Made Public: 
February 25, 2012
geo: 
Concord, NC
United States
Records Breached: 

50,000

A miscommunication caused AC LME to lose access to servers containing sensitive health information.  An Alamance County employee mistakenly changed a lock on the facility that housed data servers for AC LME.  It appears that AC LME forgot to inform the county that AC LME was extending a contract for server maintenance.  Former consumers of AC LME, including those who became PBH consumers on October 1, 2011, may have had their personal health information stored on these servers.

Source: 
HHS via PHIPrivacy.net

Kern Medical Center


Location

Bakersfield, CA
United States
35° 22' 23.8512" N, 119° 1' 7.3668" W
Date Breach Made Public: 
March 5, 2012
geo: 
Bakersfield, CA
United States
Extra Info: 

Concerned patients may call 1-877-800-5530 or contact KMC by email at breachinfo@kernmedctr.com.

Records Breached: 

1,500 (No SSNs or financial information reported)

A resident physician printed out the records of 1,500 patients for research purposes.  The paper records were stored in a computer bag and the bag was stolen from the physician's car on February 25.  The records contained names, health information, and test results. They may have also contained the insurance information of some patients.

UPDATE (4/20/2012): Medical record numbers, dates of treatments, diagnoses sites, cocci clinical numbers, and test results for HIV, AIDS, Hepatitis, and pregnancy may have also been exposed.

Source: 
PHIPrivacy.net

Flex Physical Therapy


Location

Bothell, WA
United States
47° 45' 44.352" N, 122° 12' 19.4544" W
Date Breach Made Public: 
March 22, 2012
geo: 
Bothell, WA
United States
Records Breached: 

3,100 (No SSNs or financial information reported)

Three computers were stolen on December 30, 2011.  One of the computers contained the protected health information of patients.  

Source: 
HHS via PHIPrivacy.net

Wayne County


Location

Detroit, MI
United States
42° 19' 53.1372" N, 83° 2' 44.7144" W
Date Breach Made Public: 
March 21, 2012
geo: 
Detroit, MI
United States
Records Breached: 

1,000

An employee of Wayne County's personnel department accidentally sent an email with a sensitive attachment.  People who were members of AFSCME Locals 25, 409, 1659, and 3309 received an email about health insurance with employee names, ID numbers, Social Security numbers, dates of birth, addresses, and other information available in an attached file.  The mistake was noticed immediately and a follow-up email was sent with instructions to destroy the previous email.

Source: 
Databreaches.net

Union Bank


Location

San Francisco, CA
United States
37° 46' 29.748" N, 122° 25' 9.8976" W
Date Breach Made Public: 
April 5, 2012
geo: 
San Francisco, CA
United States
Records Breached: 

Unknown

On February 15, 2012, Union Bank discovered that a former contractor kept proprietary bank data in his possession after leaving the company on January 31, 2012.  The bank data included some customer information such as names, account numbers, home addresses, phone numbers, and email addresses.

Source: 
California Attorney General

X-Rite Incorporated, Pantone.com


Location

Grand Rapids, MI
United States
42° 57' 48.096" N, 85° 40' 5.1096" W
Date Breach Made Public: 
April 11, 2012
geo: 
Grand Rapids, MI
United States
Records Breached: 

Unknown

On March 23, 2012, X-Rite learned that a database server had been attacked by a malicious third party.  The names, contact information, and credit card information of customers who made purchases on X-Rite's website pantone.com may have been exposed.  

Source: 
California Attorney General

University of Arkansas for Medical Sciences (UAMS)


Location

Little Rock, AR
United States
34° 44' 47.3316" N, 92° 17' 22.542" W
Date Breach Made Public: 
April 20, 2012
geo: 
Little Rock, AR
United States
Records Breached: 

7,000 (No SSNs or financial information reported)

A UAMS physician sent financial data to an individual who was not a member of UAMS's workforce in February of 2012.  Patient identifiers had not been removed from the data and UAMS learned of the error on April 6.  Patients of interventional radiology seen at UAMS between 2009 and 2011 had their names, UAMS account numbers, dates of service, interventional radiology procedures, diagnosis codes, charges, and payments exposed.

Source: 
PHIPrivacy.net

Choice Hotels Internationals


Location

Silver Spring, MD
United States
38° 59' 26.3976" N, 77° 1' 33.9168" W
Date Breach Made Public: 
April 26, 2012
geo: 
Silver Spring, MD
United States
Records Breached: 

Unknown

An unknown number of customers had their personal information entered into the wrong field in a database.  The information should have been encrypted but was not because of the error. Customers may have received mail with their credit card number, driver's license number, Social Security number, passport number, or any combination of these elements printed on the outside of envelopes. The issue was discovered in late December of 2011.

Source: 
California Attorney General

Northwestern Memorial Hospital


Location

Chicago, IL
United States
41° 52' 41.2104" N, 87° 37' 47.2728" W
Date Breach Made Public: 
May 14, 2012
geo: 
Chicago, IL
United States
Records Breached: 

50

A Northwestern Memorial Hospital employee was charged with one count of aggravated identity and one count of identity theft. The dishonest employee is accused of stealing the identities of patients to pay off personal bills.  Paperwork with the Social Security numbers, credit card numbers, and dates of birth of over 50 patients was found in the employee's home.  The dishonest employee's scheme was discovered when suspicious credit card activity related to the opening of utilities in the employee's name.

Source: 
PHIPrivacy.net
Showing 601-610 of 680 results
Syndicate content


X

Sign In!

Loading