Texas-based Lone Star Circle of Care is notifying roughly 8,700 individuals of a HIPAA breach, that their personal information was inadvertently placed publicly on the Lone Star Circle of Care website for nearly six months, and was accessed numerous times by unauthorized individuals.
How many victims? Roughly 8,700.
What type of personal information? Names, addresses, phone numbers, and birth dates. Full or partial Social Security numbers for five individuals.
What happened? An employee with the company that designed, maintained and secured the Lone Star Circle of Care website inadvertently made a backup file – which contained the personal information – publicly accessible on the Lone Star Circle of Care website, and it was accessed numerous times by unauthorized individuals.
What was the response? The information was removed from the website. The website company was let go. All impacted individuals are being notified, and offered a free year of identity theft monitoring services.
Details: The breach was discovered on Jan. 9. The information was publicly posted on July 31, 2014. Of the roughly 8,700 affected individuals, about 6,300 were patients.
Source: statesman.com, Austin American-Statesman, “Data breach at Lone Star Circle of Care affects 8,700,” Feb. 20, 2015.