Walter Reed suffers peer-to-peer data breach

Share this article:

Unauthorized file-sharing is to blame for a data breach at Walter Reed Army Medical Center that exposed the personal information of nearly 1,000 patients.

Walter Reed officials said in a statement that they were notified of the possible breach on May 21 by an outside company. Preliminary results of an ongoing investigation have identified a computer from which the data was apparently compromised. Data security personnel from Walter Reed, located in Washington, D.C.,  and the U.S. Army continue to investigate the source and causes for the information compromise.

Victims, who are military health system beneficiaries, are being notified and offered credit monitoring services, the statement said.

“The disclosure of this information raises the possibility that individuals named in the file could become victims of identity theft,” the release said.

Other published reports stated that the file was found on a non-government, non-secure computer network.

The U.S. House of Representatives Armed Services Committee is awaiting the results of the Army's investigation into the situation, but it is troubling when private data is inappropriately released, committee chairman Ike Skelton, D-Mo., told SCMagazineUS.com on Tuesday. 

“We must ensure that personal information is protected and prevent any future compromise of patient records,” he said.

The risk of data breaches will likely increase as the use of file-sharing software becomes more popular in the workplace, Kurt Johnson, vice president for business development at Courion, a provisioning and access compliance solutions firm, told SCMagazineUS.com on Tuesday.

“It's a great tool for sharing information when collaborating on a group project,” Johnson said. “But there isn't always a lot of control over who has access to the files and what information is being shared.”

The best way to protect data is develop certain rules and guidelines regarding file-sharing and then provide education on overall data security, Phil Neray, vice president of marketing at Guardium, a database security company.

“One of the biggest problems, however, is monitoring contractors,” Neray said. “Outsourcers are given access to a lot of information, and too often, they aren't being monitored.”

 

 

Share this article:

Sign up to our newsletters

More in News

Oracle fixes 104 flaws in quarterly update, addresses Heartbleed bug

Oracle's Critical Patch Update (CPU) plugged 37 holes in the popular Java browser plug-in.

Two plead guilty for roles in separate Android app piracy groups

Two members of different Android app piracy groups pleaded guilty this week to conspiracy to commit criminal copyright infringement.

Study: Eighteen percent of online adults have had personal info stolen

About 18 percent of online adults have had personal information stolen, and more than 20 percent had an email or social networking account compromised.