Manager Commits SSN Identity Theft Against His Own 200,000 Patients
According to a November 2005 survey, 67 percent of
Americans are concerned about the privacy of their
personal health information and are mostly unaware
of their rights.
With good reason, take for example a former manager of
a California medical group who was arrested earlier this
year after stealing a DVD containing confidential data of
That identity thief was not some common street criminal
doing dumpster diving, but rather a trusted branch
manager for a medical services company servicing
hundreds of doctors.
As part of the patient data on the stolen DVD, later recovered
by the FBI, it included:
- Patient Names
- Phone Numbers
- Dates of Birth
- Social Security Numbers (ssn)
- Medical Diagnoses
- Medical Procedures performed
"inside man" was later revealed to have been associated
with a number of other thefts revealing a pattern of larceny
we've concluded medical data is a prime target for
This manager of the California medical services company, for
example, was also implicated in 6 other burgularies
involving 3 different locations of his employer.
This "inside man" was implicated, according to the court documents,
as all of the burgularies involved someone with company
security knowledge such as:
- Where within locked offices was a computer database containing credit card and payment authorization information for donors?
- Which desk contained keys needed to unlock the cabinet containing computer disks?
- How was the alarm system deactivated during 2 of the thefts?
This identity thief, working as the "inside man", was eventually
caught and much of the stolen equipment and data was recovered.
But, there's no limit to the amount of damage which could have
been done had it been proven this identity thief uploaded all
of that patient data to the various online forums he
hawked his stolen goods with.
Other medical identity thieves, who evidently were never caught,
have had an even larger impact. For example, how about the 1.4
million California's recieving in-home care whose social security
numbers and dates of birth (dob) were exposed when a Cal-Berkeley
researcher's computer was accessed by a hacker.
Or, how about the 145,000 UCLA blood donor's whose names,
dates of birth, and social security numbers (ssn) were on
a laptop stolen.
As in all of these cases and many more, their common repeating
theme is one of targeted identity theft by reckless criminals
operating from "insider's" knowledge or even access to highly
confidential medical and identity information.
So, our tip for today is to arm yourself against the organizations
which may still have more careful medical identity thieves quietly
stealing your data and selling it to the highest bidder.
You have the right to protect your personal information.
Get yourself enrolled in quality credit monitoring. Make sure
you check out your medical information profile and
request your personal information from medical providers so
that you have a personal backup file just in case it's ever stolen
by an identity thief and you need to prove the accuracy of your