http://arstechnica.com/security/2013/08/medical-lab-allegedly-exposed-customer-info-on-p2p-claims-it-was-the-victim/
By Jon Brodkin
Ars Technica
Aug 29 2013
A medical testing laboratory called LabMD has been accused of exposing the
personal information of about 10,000 customers on a peer-to-peer file
sharing network.
The company has been fighting the claims, saying a security firm that
uncovered the breach victimized LabMD by downloading a large spreadsheet
containing sensitive customer information.
The US Federal Trade Commission today said it filed a complaint which
"alleges that LabMD billing information for over 9,000 consumers was found
on a peer-to-peer (P2P) file-sharing network and then, in 2012, LabMD
documents containing sensitive personal information of at least 500
consumers were found in the hands of identity thieves."
The lab is based in Atlanta but performs medical tests for consumers
nationwide.
Police in Sacramento, CA, found in 2012 that identity thieves had
possession of LabMD documents containing names, Social Security numbers,
and bank account information for at least 500 people. "[A] number of these
Social Security numbers are being or have been used by more than one
person with different names, which may be an indicator of identity theft,"
the FTC said. The complaint also alleges that "a LabMD spreadsheet
containing insurance billing information was found on a P2P network," the
FTC said. "The spreadsheet contained sensitive personal information for
more than 9,000 consumers, including names, Social Security numbers, dates
of birth, health insurance provider information, and standardized medical
treatment codes."
[...]
--
Find the best InfoSec talent without breaking your
recruiting budget! Post a Job, $99 for 31 days.
Hot InfoSec Jobs - http://www.hotinfosecjobs.com/
