Theft was discovered by police, not hospital IT staff
APRIL 14, 2008 | A hospital admissions worker was arrested this weekend for allegedly stealing the personal information of some 50,000 patients out of a database and selling some of it to an identity theft ring.
Dwight McPherson, 38, a former worker at New York-Presbyterian Hospital/Weill Cornell Medical Center, was arrested Friday night, shortly after the hospital announced the security breach, according to the Associated Press.
Interestingly, the breach had not been discovered by the hospital. McPherson was exposed when police and postal inspectors in Atlanta raided a suspected identity theft ring. Among the papers they found were 221 documents from the hospital, which allegedly were sent to the ring by McPherson.
Only after the documents were found did the hospital check its computer records, discovering that McPherson’s computer ID had been used to access some 49,841 records. All of the individuals were males born between 1950 and 1970. The hospital says the records included addresses and Social Security numbers, but no medical information.
McPherson had sold information on about 2,000 patients for a total of $1,350, according to federal court documents cited in news reports. In a confession, McPherson reportedly told police that he was approached in 2006 by an individual who offered to pay for the data.
At his arraignment on Saturday, McPherson was released on $500,000 bail. His lawyer told reporters that his client is “a hardworking, honest citizen. He is presumed innocent.”
Related Posts: On this day...
- Automatically generate regular expressions with Txt2re - 2011
- Technology - 2011
- Hackerism, ethics, and the best dad ever. - 2010
- UV or Not UV? Tan Tax has some burning - 2010
- Arizona Clears Strict Immigration Bill - 2010
- Cybersecurity Act of 2009 - 2009
- Obama adds yet another RIAA attorney to Justice Department roster - 2009