DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Kindred Healthcare reports theft of safes containing patient data backups

Posted on August 16, 2012 by Dissent

Kindred Healthcare Inc. (Kindred Transitional Care And Rehablitation) reported a burglary of their Sellersburg, Indiana facility on June 1. The theft of patient data affected 1,504, according to their report to HHS. The burglary appears to the second burglary experienced by Kindred this year.

A July 25 Notice on their web site explains:

Sometime between June 1, 2012, and June 4, 2012, there was a break in at Kindred Transitional Care and Rehabilitation-Sellersburg’s business office. No one was hurt during the incident and patient care was not affected. On June 4, 2012, Kindred discovered that a safe was missing. Kindred contacted the police department on June 4, and an investigation was conducted by the police department. To date, the safe has not been located.

Inside the safe were tapes used by Kindred to back up files containing data relating to past, present and prospective patients at several Kindred facilities.  Some of the information on the tapes included diagnosis and social security numbers. The tapes also included other clinical and financial information such as address, date of birth, insurance number, dates that services were received from Kindred, discharge location, activities of daily living, collections letters, medications received, and bank account information. Most of the individuals whose information was included were admitted between 2009 and 2012.

The tapes require specialized equipment and software to view the information contained on them, and Kindred has no reason to believe the information has been or will be accessed by any unauthorized person. Although there is no reason to believe that the information has been or will be used for any illegal or unauthorized purpose, out of an abundance of caution, Kindred provided notice to affected individuals in accordance with state and federal law. At this time, Kindred has no evidence that personal information has been misused.

[…]

It was while digging into that breach I found there had been a prior burglary reported by Kindred for another one of their locations. That breach notice is no longer available on their site, but I was able to retrieve it via cache:

APRIL 16, 2012

Kindred Transitional Care and Rehabilitation-Highgate (Kindred) takes the privacy of health information seriously.  On the evening of January 26, 2012, there was a break in of the main office at Highgate.  Kindred immediately contacted authorities, and an investigation was conducted.  On January 27, 2012, we discovered that a safe was missing from the main office area of the facility.  Inside the safe were the backup tapes used by Kindred to back up files maintained at the facility.  The backup tapes were not encrypted, but the tapes require specialized equipment and software to be able to view the information contained on them.  Kindred conducted a thorough review of the contents of the backup tapes.  The information on the tapes included patient names, dates of birth, gender, diagnoses and progress notes.  The information did not include any social security numbers or other financial information.

We do not believe the safe was stolen for the backup tapes, nor do we believe the tapes have been accessed.  Kindred is currently reviewing our procedures for storing backup tapes to see if other safeguarding measures are appropriate.

We have been unable to notify some individuals who were affected by this theft. If you believe your protected health information may be affected, please contact Kindred toll-free at 800-545-0749 for more information.

The Highgate burglary has not been listed on HHS’s breach too.

Two office burglaries within a six-month period, at two locations? Curious.

No related posts.

Category: Health Data

Post navigation

← Council reassures staff following data breach
Choices, Inc. hacked: clients' SSN and health info accessed (updated) →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Russia Jailed Hacker Who Worked for Ukrainian Intelligence to Launch Cyberattacks on Critical Infrastructure
  • Kentfield Hospital victim of cyberattack by World Leaks, patient data involved
  • India’s Max Financial says hacker accessed customer data from its insurance unit
  • Brazil’s central bank service provider hacked, $140M stolen
  • Iranian and Pro-Regime Cyberattacks Against Americans (2011-Present)
  • Nigerian National Pleads Guilty to International Fraud Scheme that Defrauded Elderly U.S. Victims
  • Nova Scotia Power Data Breach Exposed Information of 280,000 Customers
  • No need to hack when it’s leaking: Brandt Kettwick Defense edition
  • SK Telecom to be fined for late data breach report, ordered to waive cancellation fees, criminal investigation into them launched
  • Louis Vuitton Korea suffers cyberattack as customer data leaked

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • On July 7, Gemini AI will access your WhatsApp and more. Learn how to disable it on Android.
  • German court awards Facebook user €5,000 for data protection violations
  • Record-Breaking $1.55M CCPA Settlement Against Health Information Website Publisher
  • Ninth Circuit Reviews Website Tracking Class Actions and the Reach of California’s Privacy Law
  • US healthcare offshoring: Navigating patient data privacy laws and regulations
  • Data breach reveals Catwatchful ‘stalkerware’ is spying on thousands of phones
  • Google Trackers: What You Can Actually Escape And What You Can’t

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.