Walter Reed suffers peer-to-peer data breach

Share this article:

Unauthorized file-sharing is to blame for a data breach at Walter Reed Army Medical Center that exposed the personal information of nearly 1,000 patients.

Walter Reed officials said in a statement that they were notified of the possible breach on May 21 by an outside company. Preliminary results of an ongoing investigation have identified a computer from which the data was apparently compromised. Data security personnel from Walter Reed, located in Washington, D.C.,  and the U.S. Army continue to investigate the source and causes for the information compromise.

Victims, who are military health system beneficiaries, are being notified and offered credit monitoring services, the statement said.

“The disclosure of this information raises the possibility that individuals named in the file could become victims of identity theft,” the release said.

Other published reports stated that the file was found on a non-government, non-secure computer network.

The U.S. House of Representatives Armed Services Committee is awaiting the results of the Army's investigation into the situation, but it is troubling when private data is inappropriately released, committee chairman Ike Skelton, D-Mo., told SCMagazineUS.com on Tuesday. 

“We must ensure that personal information is protected and prevent any future compromise of patient records,” he said.

The risk of data breaches will likely increase as the use of file-sharing software becomes more popular in the workplace, Kurt Johnson, vice president for business development at Courion, a provisioning and access compliance solutions firm, told SCMagazineUS.com on Tuesday.

“It's a great tool for sharing information when collaborating on a group project,” Johnson said. “But there isn't always a lot of control over who has access to the files and what information is being shared.”

The best way to protect data is develop certain rules and guidelines regarding file-sharing and then provide education on overall data security, Phil Neray, vice president of marketing at Guardium, a database security company.

“One of the biggest problems, however, is monitoring contractors,” Neray said. “Outsourcers are given access to a lot of information, and too often, they aren't being monitored.”

 

 

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

CryptoWall surpasses CryptoLocker in infection rates

CryptoWall surpasses CryptoLocker in infection rates

A threat analysis from Dell SecureWorks CTU says that CryptoWall has picked up where its famous sibling left off.

Professor says Google search, not hacking, yielded medical info

Professor says Google search, not hacking, yielded medical ...

A professor of ethical hacking at City College San Francisco came forward to clarify that he did not demonstrate hacking a medical center's server in a class.

Syrian Malware Team makes use of enhanced BlackWorm RAT

Syrian Malware Team makes use of enhanced BlackWorm ...

FireEye analyzed the hacking group's use of the malware, dubbed the "Dark Edition" of BlackWorm.