Info of 55K Patients Stolen from Indianapolis Cancer Practice

Type threatpost
Reporter Chris Brook
Modified 2013-04-17T16:31:37


The Cancer Care Group, an oncology practice based in Indianapolis, claims it will improve its storage and data security practices going forward after a laptop containing the sensitive information of about 55,000 of its patients was stolen last month.

The laptop, which contained backup media from the clinic’s computer server, was taken from the locked vehicle of an employee on July 19.

Related Posts

68 Million Credentials Spilled in 2012 Dropbox Hack

August 31, 2016 , 10:42 am

Dropbox Forces Password Reset for Older Users

August 29, 2016 , 9:58 am

Threatpost News Wrap, August 26, 2016

August 26, 2016 , 9:00 am

According to a post on its website, the backup media included patient demographic information, including their names, addresses, date of birth, Social Security numbers, medical record numbers, insurance information and minimal clinical information the firm claims was used for billing purposes only. Employees’ information, including their date of birth, social security numbers, beneficiary names and other “employment and/or financial data,” were also stolen.

The Cancer Care Group claims that while the backup media has yet to be retrieved, there’s no proof the information has been used or exploited yet. The practice has vowed to encrypt its mobile media going forward and has made plans to update policies and procedures, upgrade data storage technology and better inform its employees on how to safely handle its media.