Doubts custodian’s assurances. Fears possible extortion of military employees whose personal medical data was taken.
St. Louis, Missouri (PRWEB) October 07, 2011
Jarrett Kolthoff, CEO of Cyber Counterespionage firm SpearTip, was interviewed by CBS-affiliate KMOV about the recent theft of two-decades-worth of medical data on nearly five million military personnel. Part of the interview was broadcast. An expansion of that interview is included here.
The custodian of the records, Science Applications International Corporation (SAIC), reported the data breach had occurred two weeks earlier, when numerous back-up tapes were assertively stolen in a break-in of an employee’s car, while the tapes were in transit across town.
SAIC downplayed the breach, saying no financial information was involved, although SAIC acknowledged the tapes contained sensitive medical information. SAIC discounted harm from the loss of this information, saying: “The risk of harm to patients is judged to be low despite the data elements involved, since retrieving the data on the tapes would require knowledge of and access to specific hardware and software and knowledge of the system and data structure.” Kolthoff said this statement is not an assurance that data was encrypted. The news report indicated that only “some” of the tapes were encrypted.