Clinical Reference Laboratory is notifying individuals who applied for insurance with Nationwide Mutual Insurance Company that some of their personal information may have been lost in the mail.
On April 9, CRL wrote that invoices for their services were sent to Nationwide on February 6 with applicants’ names, dates of birth, last four digits of Social Security numbers, and types of laboratory tests conducted. Despite reinforced packaging, the shipment was damaged in the mail, and when it was returned to CRL by the post office, some pages of invoices were missing. CRL believes that those pages would be segregated and destroyed by USPS under their procedures, but of course, that doesn’t prove that no one helped themselves to the separated pages.
CRL has offered those affected free monitoring services with Equifax Personal System.
You can read their notification to affected individuals in Vermont on the Vermont Attorney General’s website. It is not clear how many individuals are being notified of this incident.
Update: Great catch by Jeanne Price of idRADAR.com that this was the second breach of the same kind involving CRL within six months. Read her post and her comparison of the two incidents on idRADAR.com.