Desktop PC stolen from Johns Hopkins may be insider job

Where did the breach occur? Johns Hopkins Hospital in Baltimore.

What happened? A desktop computer was stolen from an "administrative work area" on July 15. It was returned Sept. 2 to the hospital by an unnamed person.

How many victims? 5,783 patients.

What kind of personal information? Names, Social Security numbers, birth dates, medical histories.

What was the response? The hospital notified affected people and is offering credit monitoring and counseling services for one year. A forensic investigator is determining whether any personal information was accessed.

Details: The hospital believes the criminals responsible for the theft may be a Hopkins employee and a worker for an on-site vendor. Officials do not suspect the information will be used to conduct identity theft and that the PC likely was sold for its machine value. The hospital waited five weeks to inform victims because they did not want to jeopardize the investigation. This is the second breach of the year to affect Hopkins. In February, the hospital reported it lost backup tapes containing the personal information of some 135,000 employees and patients.

Quote: "It was very upsetting." - Female patient whose personal data was compromised in the theft.

Source: "Hopkins reports theft of data," Sept. 1, Baltimore Sun. "Stolen hospital computer returned...," Sept. 4, Baltimore Business Journal.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.