Kaiser: Worker data breached, identity fraud reported

Kaiser Permanente is notifying its 29,500 Northern California employees that their data may have been exposed in a breach, the company said on Friday. It is unknown exactly how many workers have been affected, but a handful of workers have reported identity fraud as a result of the breach, Kaiser said.

The Oakland, Calif.-based company is offering one year of free credit monitoring for anyone who is affected, according to a statement from Kaiser.

One person, who is not a Kaiser employee, was arrested after law enforcement authorities seized a computer file with Kaiser human resources-type data in that person's possession, the statement said. A Kaiser representative said Friday that police in San Ramon, Calif., notified the company in late January about the arrest of the person with the file.

No Kaiser members or their medical information were accessed in the breach, the company said.

The news is the latest in a string of breaches at large corporations. Last month, payment processor Heartland Payment Systems reported a breach in its network that exposed consumer credit card data. Last year, RBS WorldPay, another payment processor, reported a breach that led to millions of dollars being withdrawn from consumer bank accounts with cloned debit cards.

[Mr. Dee]

Yawn, whats new.

[MaLvaDo39]

Windows...

[kojacked]

Linux...OSX...Dumb people like you. It's all the same.

[nt_gd]

It would help if all these reports would provide the hotline for employees to call.
1-877-281-3573
I found this at http://www.santacruzsentinel.com/nationalbreaking/ci_11647421
Seems that they are only one of a few to think to provide this important info for those that might be at risk.

[Colin-Beveridge]

This is a global problem that won't go away. Too many organizations are not taking a properly balanced [holistic] approach to protecting data. The consequences of these shortcomings are serious financial/ identity risk to the data subjects. Things could be different, things could be better. But they appear to be getting worse so I recently wrote a summary of how to improve data governance. This is freely available from my website and has been well-received. http://tinyurl.com/am5sf4

Please note this is not a commercial proposition - the document is my sincere contribution to resolving a problem and was my submission to a recent parliamentary/ industry round-table meeting.

[ann-onimus]

Not that this surprises me at all. They used to keep employee social security numbers in the Windows Domain under "Comments". Kaiser's IT management goes through so many reg-orgs its surprising that something worse hasn't happened. The place is run by the doctors, IT is the red-headed step child and is constantly running around with their tail between their legs like a dog that just got smacked. The network is so broad and so convoluted they can't even trace all the servers down. this is just the calm before the storm.

[CyberWoLfman]

The ONLY way that this will stop is if they pass a law stating that the company and employees who are responsible for the data being stolen will be responsible for all that is done with it as a result of their stupidity. I'm betting that they don't even use encryption. LOL But, if something like that new law starts cutting into their profit, you can bet they'll FINALLY start making some changes. Until then, we can look forward to this happening again, and again, and again, year after year, while people keep asking why something isn't done. News flash for you: those with power and wealth don't give a crap about anybody unless they're made to. This includes wealthy fat cats who lose money then ask taxpayers to bail them out and politicians who side with those who are screwing us over, including those who get elected and then give top jobs in the DoJ to the nastiest people in the RIAA.

But, sheeple will be sheeple . . . LOL

- CyberWoLfman