Laptop stolen from U Kentucky had info on newborns and mothers

From the University of Kentucky:

The University of Kentucky is notifying 2,027 people of a breach of protected health information. Between June 18 and June 21, 2010, a laptop computer containing information from the Newborn Screening Program was stolen from the Department of Pediatrics Newborn Screening Program. The theft was reported to the UK Police Department which is handling the investigation.

We do not believe the laptop, which had been stored in a locked private office, was stolen for the information it contained or that any information has been released or used. Access to the laptop was password-protected but the hard drive was not encrypted. Information on the laptop consists of patient names, medical record numbers as well as the date of birth, diagnosis, mother’s name, and in some instances, the social security numbers of some of the mothers in the Newborn Screening Program.

According to the public notice, no credit card or debit card information was on the laptop.

Paying cyberattackers is wrong, right? Should Taos County's incident be an exception? (1)
HHS OCR Settles HIPAA Ransomware Investigation with Syracuse ASC for $250k plus corrective action plan
IVF provider Genea notifies patients about the cyberattack earlier this year.
Clorox Files $380M Suit Alleging Cognizant Gave Hackers Passwords in Catastrophic 2023 Cyberattack
Two more entities have folded after ransomware attacks
Data breach feared after cyberattack on AMEOS hospitals in Germany

Related: