By Kim Zetter
March 02, 2009
An academic says he found thousands of sensitive medical records leaked
over peer-to-peer networks from computers at hospitals, clinics and
The report comes on the trail of news that a file containing sensitive
information about the presidential helicopter was leaked from a
government contractor's computer over a peer-to-peer network.
M. Eric Johnson, director of the Center for Digital Strategies at
Dartmouth College, says he used simple search terms on several
filesharing networks and uncovered files listing patient names, Social
Security numbers, birth dates, insurance carrier names and insurance
diagnosis codes that revealed which patients were being treated for
specific diseases. He conducted some of the searches last month and
presented his findings at a conference last week.
Among about 160 files that Johnson claims contained sensitive data
(.pdf) were two spreadsheets containing information on 20,000 patients,
which identified four patients being treated for HIV-AIDS, 326 patients
being treated for cancer, 201 being treated for mental illnesses and
thousands afflicted with various other diseases. The spreadsheets came
from a collection agency that a hospital employed to track down
Best Selling Security Books and More!