DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

TX: Stolen computer contained data on 30,000 MD Anderson patients

Posted on July 2, 2012 by Dissent

Eric Berger reports:

A laptop computer containing information on 30,000 patients at the University of Texas M.D. Anderson Cancer Center has been stolen.

The loss, reported Thursday, is one of the largest of its kind at a Texas Medical Center institution.

The data included specific medical information on about 10,000 of the patients, and was on an unencrypted computer stolen from an M.D. Anderson faculty member’s home on April 30.

Read more on Houston Chronicle.  A statement on the cancer center’s web site reads:

The University of Texas MD Anderson Cancer Center (MD Anderson) takes its patients’ privacy seriously. The confidentiality of the information we maintain for our patients is an important part of the fundamental trust that we share with them and their families. Regrettably, this notice concerns an incident related to that information.

On April 30, 2012, an unencrypted laptop computer was stolen from an MD Anderson faculty member’s home. The faculty member notified the local police department. MD Anderson was alerted to the theft on May 1, and immediately began a thorough investigation to determine what information was contained on the laptop. After a detailed review with outside forensics experts, we have confirmed that the laptop may have contained some of our patients’ personal information, including patients’ names, medical record numbers, treatment and/or research information, and in some instances Social Security numbers. We have no reason to believe that the laptop was stolen for the information that it contained. We have been working with law enforcement, but to date the laptop has not been located.

We are taking steps to prevent this from happening in the future, including accelerating our efforts to encrypt all MD Anderson computers. This technology scrambles each computer’s data to make it more difficult for unauthorized users to retrieve any information. We also are reinforcing with all employees our privacy policies in the handling of patient information. We began mailing letters on June 28 to all patients who were affected. If you believe you were affected and you have not received a letter by July 16, please call 1-877-441-3007, Monday through Saturday, from 8:00 a.m. to 8:00 p.m. Central Time. All addresses have been processed through the United States Postal Service’s National Change of Address database, so you do not have to call to update your information unless you do not receive a letter by July 16.

We deeply regret any inconvenience this incident may cause our patients.

Category: Health Data

Post navigation

← Anti Virus Giant Trendmicro & Sykes Hacked, Hundreds of Emails Dumped By @OfficialComrade
OH: Veterans' records found at home of deceased Dayton VA medical center employee →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Central Maine Healthcare tackles suspected cybersecurity issue; hospitals remain open
  • Cartier Data Breach: Luxury Retailer Warns Customers that Personal Data Was Exposed
  • Beyond the Pond Phish: Unraveling Lazarus Group’s Evolving Tactics
  • Akira doesn’t keep its promises to victims — SuspectFile
  • Fraudsters, murderers, students: who the GRU assembled a team of hacker provocateurs from and why it failed
  • Order of Psychologists of Lombardy fined 30,000 € for inadequate data security protection and detection following ransomware attack
  • Lower Merion School District says a data breach was caused by a computer glitch (1)
  • After $1 Million Ransom Demand, Virgin Islands Lottery Restores Operations Without Paying Hackers
  • Junior Defence Contractor Arrested For Leaking Indian Naval Secrets To Suspected Pakistani Spies
  • Mysterious leaker GangExposed outs Conti kingpins in massive ransomware data dump

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Stewart Baker vs. Orin Kerr on “The Digital Fourth Amendment”
  • Fears Grow Over ICE’s Reach Into Schools
  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • She Got an Abortion. So A Texas Cop Used 83,000 Cameras to Track Her Down.
  • Why AI May Be Listening In on Your Next Doctor’s Appointment
  • Watch out for activist judges trying to deprive us of our rights to safe reproductive healthcare
  • Nebraska Bans Minor Social Media Accounts Without Parental Consent

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.