Slashdot Mirror
Military Healthcare Data Stolen
An anonymous reader writes "TriWest, a federal contractor providing healthcare to the military, had computer hardware stolen from one of their offices. Social security numbers, credit card numbers, and healthcare information about 500,000 US military personnel and their families is contained on the stolen hardware. The AP picked up the story. The theft is also being covered by the Salt Lake Tribune and the Arizona Republic. This opens the door to speculation about who would be interested in the data held by a military contractor and what they will do with the information."
This opens the door to speculation about who would be interested in the data held by a military contractor and what they will do with the information.
Well if the military keeps a record of imunizations of its soldiers, then any country wishing to use bio weapons upon the US could use their medical record to determine which viruses/bacteria/pathogens they are weakest against.
I work in healthcare
Healthcare sysadmins are often pretty poorly paid and are often people who would not make it in a business environment, and the security is often minimal. I know, I 'test' it.
I think we will have a few more of these disasters until the healthcare industry realises that IT is part of its core business and has to pay accordingly.
Humorous signatures are over-rated.
Rather than spending money on tracking down and throwing a bunch of clueless hackers in jail, law enforcement should really focus on the criminals that are easy to identify and prosecute: companies that don't treat customer data with appropriate care. If a few high-profile cases resulted in hundreds of millions of dollars in fines, these cases would soon stop happening: companies would finally make the modest investments necessary to keep customer data secure.
forget about virtually protecting patient data with VPNs and encrytption... how about some physical security? They state that there was "reasonable security" for a company; hmmmm... obviously that hinges on your definition of reasonable.
Data like this is a gold mine if the thieves have any idea how to use it. I hope they are advising people to put fraud alerts on their credit reports... but there are things worse than identity theft. What might that information be worth to a foreign power, or terrorist organization?
Even if a man chops off your hand with a sword, you still have two nice, sharp bones to stick in his eyes.
Yeah. Like the way the Mad Anthrax Mailer suddenly went from a "must get" when it was thought to be a filthy foriegner to a "drop like hot potato" when it started looking like ties to senior millitary research labs.
if you haven't got physical security, you haven't got ANY security.
Even if a man chops off your hand with a sword, you still have two nice, sharp bones to stick in his eyes.
So this suggests that the U.S. Government's Total Information Awareness program would be a nice, juicy target. After all, everything's in one place...
To a prisoner of war, sitting chained to a chair in some interrogation chamber after just being repeatedly subjected to beatings, whippings, and electric shock torture and probably doped up on sodium pentothal, even the threat of action against their family by someone who has even a sliver of information about them would seem very real indeed.
Suppose the following scenario: you are kidnapped, taken to a small room and tortured, then someone asks you for classified information, or to betray your country, or to do something that every fiber in your being resists. Then that person proceeds to enumerate the names, ages, addresses, and medical conditions of your family members. Perhaps they include a bit of data on where they go out to eat, or where they work, of if there's an alarm system on their house. They don't have to say where they got the data, the very fact that they have it at all could lead you to believe that they have much, much more of it. Most military members have family somewhere that doesn't live on base (parents, siblings, etc.) Information is the most valuable tool an enemy can have.
In the end they will lay their freedom at our feet and say to us, Make us your slaves, but feed us. - Fyodor Dostoyevsky
It's in the first line.
Thieves who broke into a government contractor's office snatched computer hard drives containing Social Security numbers, addresses and other records of about 500,000 members of the military and their families.
Only the harddrives were taken from the machines, so unless the thieves were desperate for more space to download mp3s onto, then it's quite probable that they were just after the data.
"Free software as in beer, copy protection as in racket" - Telsa Gwynne
As a member of the military, I am ~really~ curious to know what they could do with that info.
/alot/ more info. Alot.
Someone mentioned immunization records. But who cares if some 80 yr old retired Sgt Major had his TB recently? And untill you correlate Soldiers with Units, that info won't do you much good. If you wanted to know that, why not steal if from the Unit... it wouldn't be to much harder; and would provide
I personally think that they where after SSN's, and just happened to view a haul of 500k as too good to pass up. I don't believe that the fact it was military was of consequence. Which is why I also believe that it was American Civilians that did it, not some Foreign Agent. If so, I'm f*'ing pissed.
I don't need to say how well you can screw someone over with thier SSN; imagine the entire Military preoccupied with sorting out thier lifes; worried about a wife (or husband) and children having to deal with identity thieft while the soldier is busy overseas.
--Cam
All jocks think about is sports. All nerds think about is sex.