22 Aug 2011

Californians' medical files exposed on the web

The medical records of nearly 300,000 Californians were recently posted online without any internet security protections, leaving them vulnerable to hackers and other fraudsters, according to The Associated Press.

Aaron Titus, an identity theft specialist, found the information posted to the website of Southern California Medical-Legal Consultants, a company that expedites worker compensation payments for healthcare providers. He notified the company and the AP, telling the news source the information was not password protected and was accessible via Google.

Southern California Medical-Legal Consultants owner Joel Hecht told the AP the information has now been secured. He said the records, some of which included patients' Social Security numbers, were exposed by workers who did not follow the company's protocols, and he did not specify how many potential victims have been contacted.

Earlier this year, a malware infection at the Beth Israel Deaconess Medical Center in Boston compromised 2,021 radiology patients' files.

Medical records are valuable to hackers primarily for purposes of blackmail, and are not as highly sought after as personal financial information like credit card numbers, according to a Daily Beast report.