March 24, 2009

Ky. retirees pharmacy benefits data sent unencrypted

A pharmacy benefits management provider has notified about 28,000 Kentucky retirees that their personal information was not protected during electronic transmission.

What type of personal information? Names, dates of birth, Social Security numbers.

What happened? Walgreens Health Initiative failed to encrypt an email containing the information that was sent to Kentucky Retirement Services.

What was the response? Walgreens said in a notification letter to affected individuals that there was a "remote" chance their records could have been compromised in transit.

Details: The email was received by a state employee, and Walgreens has not reason to believe the data was exposed at any point. The victims used Walgreens to manage their pharmacy benefits in 2007.

Source: courier-journal.com, The Courier-Journal (of Louisville, Ky.), "Ky. retiree data sent without proper security," March 18, 2009.

 
Previous Post
Next Post
Similar Articles
close

Next Article in The Data Breach Blog

Advertisement

How to Prevent Insider Threats!

POLL

More in The Data Breach Blog

Hackers raid Washington state court system to steal 160,000 SSNs, 1M driver's license numbers

Hackers raid Washington state court system to steal ...

After the public website of the Washington state Administrative Office of the Courts was compromised in February, an investigation revealed the severity of the breach in April.

Personal California birth records found in "unsecure" location

The California Department of Public Health announced that the data included names, addresses, Social Security numbers, and medical information.

Investment regulator loses portable device containing personal data

Although the specifics of the lost information is unknown, the Investment Industry Regulatory Organization of Canada has announced that 52,000 clients of 32 brokerage firms have been affected.