Unencrypted desktops stolen from Calif. medical center, 10k impacted

Share this article:

Nearly 10,000 patients of University of California San Francisco (UCSF) Family Medicine Center at Lakeshore may have personal information at risk after unencrypted desktop computers containing their data were stolen.

How many victims? 9,986. 

What type of personal information? Names, addresses, dates of birth, medical record numbers, health insurance ID numbers, and driver's license numbers. Social Security numbers were included for 125 patients.

What happened? Unencrypted desktops were stolen in a UCSF Family Medicine Center at Lakeshore burglary.

What was the response? UCSF conducted a technical analysis that revealed what data was stored on the computers. UCSF police and UCSF officials were notified, as well as law enforcement and other related departments. All impacted individuals are being notified, and those patients whose Social Security numbers were compromised are being offered credit monitoring services. UCSF is strengthening educational and operational processes for information security.

Details: UCSF learned on Jan. 13 that the desktop computers were stolen on Jan. 11.

Quote: “While there is no evidence that there has been any attempted access or attempted use of the information involved in this incident, UCSF is responding with the highest level of caution and concern,” Elizabeth Fernandez, senior public information representative at UCSF, wrote in a notification posted online.

Source: ucsf.edu, “Computer Theft at UC San Francisco,” March 12, 2014.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US

More in The Data Breach Blog

Transcript website flaw exposed personal data on 98k users

NeedMyTranscripts.com expose users' names, addresses and dates of birth, among other information, due to a site flaw that one user discovered.

Sourcebooks payment card breach impacts more than 5,000 customers

More than 5,000 customers had personal information stolen, but roughly 9,000 notification letters were sent out as a precautionary measure.

Cyberswim notifies customers that payment card data may be at risk

Malicious software installed on Sept. 24 may have compromised personal information for visitors that made purchases between May 12 and Aug. 28.