There are some details I routinely look for in breach reports. So when I saw a breach report yesterday that indicated the breach occurred in August 2011 and wasn’t discovered until June 27, 2013, it caught my eye.
According to a letter sent this week to affected customers and patients, San Jose Medical Supply Company (SJMS) recently discovered a breach that had occurred when the business was under previous ownership. In a letter to those affected, Jesille Kuizon, President of the company, explained that when the former owner of the firm died in August 2011, the company continued operating through its employees and agents under the supervision of trustees. In August 2012, the firm was bought from the former owner’s probate estate. The new owner “uncovered certain suspicious activity taken by the former employees, officers and/or agents of the prior owner, which may have compromised the security of customer’s health inform