L.A. County finds 3,500 more patients affected by data breach
by Abby Sewell, Los Angeles Times
Los Angeles County officials said Thursday that an additional 3,497 patients may have had their personal information taken in a theft of medical data from a county contractor’s office.
Eight computers were taken from the Torrance office of Sutherland Healthcare Solutions, a company that handles medical billing and collections for the county, in February. The total number of patients affected is now about 342,000.
According to a statement from the county auditor-controller’s office, the newly identified patients were Department of Public Health patients who had received Drug Medi-Cal services. Names, addresses and billing information for those patients may have been taken, but no Social Security numbers were included in the reports stored on the stolen computers.
Torrance police are investigating the break-in, along with the Los AngelesCounty district attorney’s cyber crime team and the U.S. Secret Service, which also investigates computer crimes.
Sutherland, via a public relations firm, released a description of a suspect in the break-in and surveillance video images last month. The company is offering a $25,000 reward for information leading to the return of the stolen equipment or the arrest and conviction of those responsible for the theft.
According to the statement released by Englander, Knabe & Allen on behalf of Sutherland, the suspect captured on film is a black man of “unknown age and height with a thick build.” He was wearing gloves, a dark sweatshirt and dark hat with white insignias, gray or blue jeans and bright blue athletic shoes. He also had an earring in his left ear and a large watch on his left wrist.
County officials said the county is still reviewing Sutherland’s security procedures. So far, at least three lawsuits have been filed against the county over the data breach.
Sutherland sent out notices to potentially affected patients offering free credit monitoring. The firm also has set up a toll free line – (877) 868-9284 – for those trying to determine if their records are involved.
Tags: Data Breach, Medical Issues, Medical Privacy