DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Washington University School of Medicine notifies surgery patients of breach

Posted on January 14, 2013 by Dissent

Washington University School of Medicine is notifying surgery patients of a breach:

Washington University takes seriously the protection of our patients’ health information. Regrettably, this notice is regarding a recent incident involving some of that information.

On November 29, 2012, Washington University learned that a physician’s laptop computer was stolen on November 28, 2012 from the room where the physician had delivered a lecture at a conference in Argentina. We immediately began a thorough investigation to identify the information that was on the computer. After a detailed review, we confirmed that the laptop was password protected, but it was not “encrypted,” which is a technology that scrambles the computer’s data in a way that makes it more difficult for an unauthorized user to retrieve the information. The laptop contained some information on approximately 1,100 patients, including names, dates of birth, medical record numbers, diagnoses, the types and dates of surgery, and in 39 instances, Social Security numbers. To date, the computer has not been located.

No actual medical records were on the computer and they have not been lost, so this incident does not affect patients’ or their doctors’ ability to access medical information and will not interfere with patients’ ability to receive care from their Washington University physician. Most university patients are not affected. All of the affected individuals were patients of a Department of Surgery physician from 2002 to present.

We have no reason to believe the computer was taken for the information it contained. However, out of an abundance of caution, we began notifying affected patients on January 11, 2013. We have also established a dedicated call center for patients with questions and are offering identity protection services to eligible individuals. If you believe you are affected but do not receive a letter by January 25, 2013, please call 1-888-414-8020 Monday through Friday between 8 a.m. and 5 p.m. Central time and enter the reference code 4692010712 when prompted.

We deeply regret any inconvenience this may cause our patients. To help prevent something like this from occurring in the future, we are expanding our use of encryption on portable devices and re-educating our workforce members regarding the importance of handling patient information securely.

The St. Louis Post-Dispatch broke the news.

No related posts.

Category: Health Data

Post navigation

← The @VandaTheGod Connection to @lulzpirate
B.C. ministry says millions affected by health-data breach →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • McDonald’s McHire leak involving ‘123456’ admin password exposes 64 million applicant chat records
  • Qilin claims attack on Accu Reference Medical Laboratory. It wasn’t the lab’s first data breach.
  • Louis Vuitton hit by data breach in Türkiye, over 140,000 users exposed; UK customers also affected (1)
  • Infosys McCamish Systems Enters Consent Order with Vermont DFR Over Cyber Incident
  • Obligations under Canada’s data breach notification law
  • German court offers EUR 5000 compensation for data breaches caused by Meta
  • Air Force Employee Pleads Guilty to Conspiracy to Disclose Unlawfully Classified National Defense Information
  • UK police arrest four in connection with M&S, Co-op and Harrods cyberattacks (1)
  • At U.S. request, France jails Russian basketball player Daniil Kasatkin on suspicion of ransomware conspiracy
  • Avantic Medical Lab hacked; patient data leaked by Everest Group

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • DeleteMyInfo Wins 2025 Digital Privacy Excellence Award from Internet Safety Council
  • TikTok Loses First Appeal Against £12.7M ICO Fine, Faces Second Investigation by DPC
  • German court offers EUR 5000 compensation for data breaches caused by Meta
  • How to Build on Washington’s “My Health, My Data” Act
  • Department of Justice Subpoenas Doctors and Clinics Involved in Performing Transgender Medical Procedures on Children
  • Google Settles Privacy Class Action Over Period Tracking App
  • ICE Is Searching a Massive Insurance and Medical Bill Database to Find Deportation Targets

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.