DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Kindred Healthcare reports theft of safes containing patient data backups

Posted on August 16, 2012 by Dissent

Kindred Healthcare Inc. (Kindred Transitional Care And Rehablitation) reported a burglary of their Sellersburg, Indiana facility on June 1. The theft of patient data affected 1,504, according to their report to HHS. The burglary appears to the second burglary experienced by Kindred this year.

A July 25 Notice on their web site explains:

Sometime between June 1, 2012, and June 4, 2012, there was a break in at Kindred Transitional Care and Rehabilitation-Sellersburg’s business office. No one was hurt during the incident and patient care was not affected. On June 4, 2012, Kindred discovered that a safe was missing. Kindred contacted the police department on June 4, and an investigation was conducted by the police department. To date, the safe has not been located.

Inside the safe were tapes used by Kindred to back up files containing data relating to past, present and prospective patients at several Kindred facilities.  Some of the information on the tapes included diagnosis and social security numbers. The tapes also included other clinical and financial information such as address, date of birth, insurance number, dates that services were received from Kindred, discharge location, activities of daily living, collections letters, medications received, and bank account information. Most of the individuals whose information was included were admitted between 2009 and 2012.

The tapes require specialized equipment and software to view the information contained on them, and Kindred has no reason to believe the information has been or will be accessed by any unauthorized person. Although there is no reason to believe that the information has been or will be used for any illegal or unauthorized purpose, out of an abundance of caution, Kindred provided notice to affected individuals in accordance with state and federal law. At this time, Kindred has no evidence that personal information has been misused.

[…]

It was while digging into that breach I found there had been a prior burglary reported by Kindred for another one of their locations. That breach notice is no longer available on their site, but I was able to retrieve it via cache:

APRIL 16, 2012

Kindred Transitional Care and Rehabilitation-Highgate (Kindred) takes the privacy of health information seriously.  On the evening of January 26, 2012, there was a break in of the main office at Highgate.  Kindred immediately contacted authorities, and an investigation was conducted.  On January 27, 2012, we discovered that a safe was missing from the main office area of the facility.  Inside the safe were the backup tapes used by Kindred to back up files maintained at the facility.  The backup tapes were not encrypted, but the tapes require specialized equipment and software to be able to view the information contained on them.  Kindred conducted a thorough review of the contents of the backup tapes.  The information on the tapes included patient names, dates of birth, gender, diagnoses and progress notes.  The information did not include any social security numbers or other financial information.

We do not believe the safe was stolen for the backup tapes, nor do we believe the tapes have been accessed.  Kindred is currently reviewing our procedures for storing backup tapes to see if other safeguarding measures are appropriate.

We have been unable to notify some individuals who were affected by this theft. If you believe your protected health information may be affected, please contact Kindred toll-free at 800-545-0749 for more information.

The Highgate burglary has not been listed on HHS’s breach too.

Two office burglaries within a six-month period, at two locations? Curious.

Related posts:

  • RI: Hospital says unencrypted backup tapes with patient info are missing
  • Infinity Rehab and Avamere Health Services notify 380,984 patients about breach at Avamere (with updates)
  • Avamere Health Services updates its breach disclosure
  • HHS update to breach tool shows laptop theft is not a thing of the past, Part 1
Category: Health Data

Post navigation

← Council reassures staff following data breach
Choices, Inc. hacked: clients' SSN and health info accessed (updated) →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked
  • Breaches have consequences (sometimes) (1)
  • Kansas City Man Pleads Guilty for Hacking a Non-Profit

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.