• Categories

  • Archives

    « Home

    IDG News Service: Johns Hopkins tells patients: Employee stole data for fraud

    I have written before about insiders abusing their access privileges to violate individuals’ privacy rights. Now, IDG News Service reports that Johns Hopkins might have had such a security breach:

    Baltimore’s Johns Hopkins Hospital is warning more than 10,000 patients about a data theft after linking a woman working in the hospital’s patient registration area to fraud.

    “Beginning around January 20, 2009, Johns Hopkins received reports, some from individuals themselves, and some through various local law enforcement agencies, that some individuals had determined that they were victims of identity theft and that the theft activities focused in the Baltimore area,” the hospital said in an April 3, 2009, letter sent to patients whose data was accessed. The letter was published Monday on the Maryland attorney general’s Web site. […]

    The employee had access to the Social Security numbers, names, addresses, dates of birth, telephone numbers, parents’ names and medical insurance information of current and former patients. She was not able to learn about the patients’ medical conditions, however.

    News of the incident was first reported Monday on, which noted that former Johns Hopkins employee Michelle Johnson had been indicted in January on fraud charges for allegedly using patient data to open fraudulent credit card accounts.

    Leave a Reply