DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Kindred Healthcare reports theft of safes containing patient data backups

Posted on August 16, 2012 by Dissent

Kindred Healthcare Inc. (Kindred Transitional Care And Rehablitation) reported a burglary of their Sellersburg, Indiana facility on June 1. The theft of patient data affected 1,504, according to their report to HHS. The burglary appears to the second burglary experienced by Kindred this year.

A July 25 Notice on their web site explains:

Sometime between June 1, 2012, and June 4, 2012, there was a break in at Kindred Transitional Care and Rehabilitation-Sellersburg’s business office. No one was hurt during the incident and patient care was not affected. On June 4, 2012, Kindred discovered that a safe was missing. Kindred contacted the police department on June 4, and an investigation was conducted by the police department. To date, the safe has not been located.

Inside the safe were tapes used by Kindred to back up files containing data relating to past, present and prospective patients at several Kindred facilities.  Some of the information on the tapes included diagnosis and social security numbers. The tapes also included other clinical and financial information such as address, date of birth, insurance number, dates that services were received from Kindred, discharge location, activities of daily living, collections letters, medications received, and bank account information. Most of the individuals whose information was included were admitted between 2009 and 2012.

The tapes require specialized equipment and software to view the information contained on them, and Kindred has no reason to believe the information has been or will be accessed by any unauthorized person. Although there is no reason to believe that the information has been or will be used for any illegal or unauthorized purpose, out of an abundance of caution, Kindred provided notice to affected individuals in accordance with state and federal law. At this time, Kindred has no evidence that personal information has been misused.

[…]

It was while digging into that breach I found there had been a prior burglary reported by Kindred for another one of their locations. That breach notice is no longer available on their site, but I was able to retrieve it via cache:

APRIL 16, 2012

Kindred Transitional Care and Rehabilitation-Highgate (Kindred) takes the privacy of health information seriously.  On the evening of January 26, 2012, there was a break in of the main office at Highgate.  Kindred immediately contacted authorities, and an investigation was conducted.  On January 27, 2012, we discovered that a safe was missing from the main office area of the facility.  Inside the safe were the backup tapes used by Kindred to back up files maintained at the facility.  The backup tapes were not encrypted, but the tapes require specialized equipment and software to be able to view the information contained on them.  Kindred conducted a thorough review of the contents of the backup tapes.  The information on the tapes included patient names, dates of birth, gender, diagnoses and progress notes.  The information did not include any social security numbers or other financial information.

We do not believe the safe was stolen for the backup tapes, nor do we believe the tapes have been accessed.  Kindred is currently reviewing our procedures for storing backup tapes to see if other safeguarding measures are appropriate.

We have been unable to notify some individuals who were affected by this theft. If you believe your protected health information may be affected, please contact Kindred toll-free at 800-545-0749 for more information.

The Highgate burglary has not been listed on HHS’s breach too.

Two office burglaries within a six-month period, at two locations? Curious.

Category: Health Data

Post navigation

← Council reassures staff following data breach
Choices, Inc. hacked: clients' SSN and health info accessed (updated) →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Data breach of patient info ends in firing of Miami hospital employee
  • Texas DOT investigates breach of crash report records, sends notification letters
  • PowerSchool hacker pleads guilty, released on personal recognizance bond
  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Google: Hackers target Salesforce accounts in data extortion attacks
  • The US Grid Attack Looming on the Horizon
  • US govt login portal could be one cyberattack away from collapse, say auditors

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act
  • 23andMe Bankruptcy Judge Ponders Trump Bill’s Injunction Impact
  • Hell No: The ODNI Wants to Make it Easier for the Government to Buy Your Data Without Warrant
  • US State Dept. says silence or anonymity on social media is suspicious

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.