CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
July 28th, 2008

Private Details Available For Months On The Centers For Osteopathic Research And Education Website

The Centers for Osteopathic Research and Education (CORE) at Ohio University removed a Web document last week that inadvertently contained personal information belonging to individuals who have provided academic programming for the medical education consortium. CORE is an osteopathic medical education consortium comprising member teaching hospitals, clinical training sites and osteopathic medical schools. The Ohio University College of Osteopathic Medicine is the central academic member of CORE.

CORE has identified, sent information to and developed resources for the 492 presenters affected, including doctors and nurses. The document was available to all for months. On July 16, CORE removed a spreadsheet that contained the information.

It had been accessible since March 20 and was discovered when a nurse found the information last week while conducting online research. A document that should have been posted did not contain personal information, according to CORE. The document that should have been posted was intended to help CORE’s Residency Program Advisory Committees (RPAC) directors, who coordinate education programs for physicians-in-training and identify and engage medical education speakers.

It was not intended to carry personal information. In addition to names and Social Security numbers, the spreadsheet included contact numbers, addresses, their speaking topics and federal employer identification numbers. The person responsible for posting the information was put on paid administrative leave and has no access to the Web site or to CORE data pending a review.

There is no indication that any of the personal information was misused, said CORE spokeswoman Karoline Lane. With the help of OU experts, CORE is examining what happened and how it happened.

Within one week of learning about the error, CORE has undertaken the following to assist those whose information was exposed: published an informational Web site (www.ohiocore.org/answers); provided a toll-free call-in number (866-437-8698); and offered credit monitoring service for one year.

Share this item with others:

More on CyberInsecure:
  • Hacker Published Confidential Records Belonging To Six Million Chileans On The Internet
  • Three Computers With Personal Data Compromised At The University of Colorado
  • Columbia University Students Private Details Available On Google-Hosted Website For 16 Months
  • Stolen SunGard Laptop With Data From At Least 10 Colleges And Universities
  • Russian Citizens Database Is Now Online

    • Posted in Breaches And Incidents, Privacy | Print This Post Print This Post

    This entry was posted on Monday, July 28th, 2008 at 10:57 am and is filed under Breaches And Incidents, Privacy. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Private Details Available For Months On The Centers For Osteopathic Research And Education Website

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    *
    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.

    « «
    » »