Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

Health Services Provider Nemours Loses Backup Tapes: 1.6 Million Affected

Three unencrypted backup tapes containing sensitive personal data have been reported missing by Nemours, a children’s health care services provider.

The tapes in question were reported missing from a facility in Wilmington, Delaware on September 8, 2011. The company believes they have been removed around August 10, 2011 during a renovation project.

Three unencrypted backup tapes containing sensitive personal data have been reported missing by Nemours, a children’s health care services provider.

The tapes in question were reported missing from a facility in Wilmington, Delaware on September 8, 2011. The company believes they have been removed around August 10, 2011 during a renovation project.

The data stored on the tapes dates mainly between 1994 and 2004 and affects approximately 1.6 million patients and their guarantors, vendors, and employees at Nemours facilities in Delaware, Pennsylvania, New Jersey and Florida. The missing backup tapes contained information including name, address, date of birth, Social Security number, insurance information, medical treatment information, and direct deposit bank account information.

“There is no indication that the tapes were stolen or that any of the information on them has been accessed or misused,” the company said in a statement.

The company said it had hired independent security experts who determined that “highly specialized equipment and specific technical knowledge” would be needed in order to make use of the data.

No medical records were stored on the tapes.

In related news, just last week a similar incident occurred with lost backup tapes at TRICARE, a provider of health care services to active and retired military personnel, that could potentially affect 4.9 million individuals. These careless and easily preventable incidents will prove to be costly mistakes for both organizations.

Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Incident Response

Microsoft has rolled out a preview version of Security Copilot, a ChatGPT-powered tool to help organizations automate cybersecurity tasks.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Incident Response

Meta has developed a ten-phase cyber kill chain model that it believes will be more inclusive and more effective than the existing range of...

Cloud Security

VMware described the bug as an out-of-bounds write issue in its implementation of the DCE/RPC protocol. CVSS severity score of 9.8/10.