DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

NYU Langone Medical Center notifies 8,400 neurosurgery patients that stolen computer may contain patient health info

Posted on July 24, 2012 by Dissent

NEW YORK, July 23, 2012 – NYU Langone Medical Center notified patients this week that a desktop computer containing personal health information was discovered stolen from the Faculty Group Practice office of John G. Golfinos, MD, chair of the Department of Neurosurgery on May 23, 2012. Although the computer was not encrypted, it was password protected and additional software would be needed to retrieve any data files, minimizing the risk that the information would actually be accessed.

In addition to data from Dr. Golfinos’ office, the stolen computer also contained patient data from the practices of Erik C. Parker, MD, associate professor of neurosurgery as well as the former practice of neurosurgeon Patrick J. Kelly, MD. The data on the computer was duplicated by the medical center prior to the theft, so no clinical information was permanently lost.

The computer contained data of about 8,400 patients, of which approximately 5,000 contained social security numbers. NYU Langone Medical Center is offering identity theft protection to all patients whose social security numbers may have been compromised. Other data on the computer includes name, address, date of birth, telephone number, insurance information, and clinical information related to visits to these physicians. There is no indication at this time that the information on the stolen computer has been accessed, misused, or disclosed in any way.

This incident was promptly reported to both NYU Langone Medical Center Security and the New York City Police Department and will be reported to the Office of Civil Rights, as required by the Health Information Technology for Economic and Clinical Health (HITECH) Act. Though security cameras did capture video of the individual suspected of the theft and was shared with police, the person responsible for the theft has not yet been identified, and the computer has not been recovered.

NYU Langone Medical Center is committed to protecting the privacy and security of our patients’ medical information and since this incident has taken affirmative steps and additional security measures, including moving protected health information from desktop computers to secure network drives and retraining staff regarding proper safeguarding of private patient information.

NYU Langone Medical Center’s Office of Compliance has set up a dedicated telephone line to answer patient’s questions regarding this issue. Our dedicated team can be reached at (877) 615-3775.

Source: NYU Langone Medical Center.

For other breaches reported by the center, see previous coverage on this blog.

Category: Health Data

Post navigation

← Gamigo breach exposed 8.24 million passwords, and now they’re public
Latest Data Breach Notification Bill Won’t Go Far →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Why Dumping Sensitive Data on Network Shares is a Liability
  • A militarily degraded Iran may turn to asymmetrical warfare – raising risk of proxy and cyber attacks
  • Pro-Russian hackers disrupt Dutch government websites ahead of NATO summit
  • Iran-Linked Threat Actors Leak Visitors and Athletes’ Data from Saudi Games
  • UK: Oxford City Council still investigating cyberattack from earlier this month
  • Steelmaker Nucor Says Hackers Stole Data in Recent Attack
  • People’s Republic of China cyber threat activity: Cyber Threat Bulletin
  • Ukrainian Web3 security auditing company Hacken suffered an attack that allowed a hacker to create 900 million HAI tokens
  • McLaren provides written notice to 743,131 patients after ransomware attack in July 2024 (2)
  • A state forensics lab was leaking its files. Getting it locked down involved a number of people.

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Sky Views Personal Data as a Potential Weapon in IPTV Piracy War
  • Florida Used a Nationwide Surveillance Camera Network 250 Times To Aid in Immigration Arrests
  • Federal Court Strikes Down HIPAA Reproductive Health Care Privacy Rule
  • The Markup caught 4 more states sharing personal health data with Big Tech
  • Privacy in the Big Sky State: Montana’s Consumer Privacy Law Gets Amended
  • UK Passes Data Use and Access Regulation Bill
  • Officials defend Liberal bill that would force hospitals, banks, hotels to hand over data

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.