Friday, August 17, 2007

Privacy Breaches Force Online Bill-Payment Company Out of Business

Ellen Messmer writes on NetworkWorld:

Small mistakes can have big consequences.

Last April when a network technician working for Bellevue, Wash.-based Web content-management company Verus failed to set up a firewall properly as part of an online bill-payment service for hospitals, the mistake exposed patient data from at least a half-dozen hospitals across the country.

Until the mistake was discovered over a month later, patient information that had been stored by Verus on behalf of Concord Hospital in New Hampshire; St. Vincent Indianapolis Hospital in Indiana; Stevens Hospital in Edmonds, Wash.; and Sky Lakes Medical Center in Klamath Falls, Ore., among others, could be openly accessed on the Web. And it was, at least by Google bots that indexed it for search.

More here.

0 Comments:

Post a Comment

<< Home