[Dataloss] [Follow-up] Vassar Brothers Medical Center
blitz
blitz at strikenet.kicks-ass.net
Thu Feb 8 22:53:13 EST 2007
I'm afraid we may be seeing the tip of a new trend. When a company
realizes its been breached, they merely hire an independent
investigator to say they weren't, and buy a lot of insurance to cover
it. If the incident "hasn't happened" then they should be able to
still get enough insurance to CYA. In any case, I expect to see
admissions mitigated a lot more frequently by similar dealings.
Lie, CYA, and hope nothing comes of it. The majority apparently
don't, so its a gamble for them with odds on their side. Perhaps...
Noting less should be expected from corporations who if they gave a
damn would of secured it properly in the first place. Its just more
corporate slight-of-hand.
Grrr....
At 14:13 2/8/2007, Dissent wrote:
>In August 2006, DL reported that Vassar Brothers Medical Center had
>reported a stolen laptop containing PII on almost 260k patients.
>Original story: http://attrition.org/dataloss/2006/08/vbmc01.html
>
>Vassar Brothers issued two letters to patients following that breach:
>http://www.poughkeepsiejournal.com/assets/pdf/BK3538482.PDF
>http://www.poughkeepsiejournal.com/assets/pdf/BK6060427.PDF
>
>Subsequently, Vassar Brothers retained Kroll to investigate the theft
>and missing data. They then issued a press release saying that based
>on Kroll's investigation of network server logs, the stolen laptop
>did not contain any identifying patient information.
>
>The Poughkeepsie Journal has been all over this breach and just
>published two more articles today, which dispute some of VBMC's
>reported statements:
>
>Official: Data installed as part of drills
>http://www.poughkeepsiejournal.com/apps/pbcs.dll/article?AID=/20070208/BUSINESS/70207069/1003
>
>and:
>
>Documents show patient data on stolen laptop
>http://www.poughkeepsiejournal.com/apps/pbcs.dll/article?AID=/20070208/BUSINESS/70207079
>
>
>
>
>--
>Main site: http://www.pogowasright.org
>Main RSS feed: http://www.pogowasright.org/backend/pogowasright.rss
>Breaches RSS feed: http://www.pogowasright.org/backend/breaches.rss
>
>_______________________________________________
>Dataloss Mailing List (dataloss at attrition.org)
>http://attrition.org/dataloss
>Tracking more than 146 million compromised records in 566 incidents
>over 7 years.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://attrition.org/pipermail/dataloss/attachments/20070208/0c6b7313/attachment.html
More information about the Dataloss
mailing list