The personal information of thousands of clients and patients of St. Mary’s Regional Medical Center in Reno, Nev. was potentially compromised when a database was illegally accessed.

How many victims? About 128,000.

What type of personal information? Names, addresses and some health information and Social Security numbers.

Details: The breach, discovered April 28, resulted in the immediate shutdown of the database. Notifications, done by letter, were delayed because the database had to be rebuilt. There have been no reports of fraud as a result of the compromise.

What was the response? The hospital is offering one year of free credit monitoring to those patients whose Social Security numbers were stored in the database. 

Quote:“Our first concern is for the continued privacy and well-being of our patients and customers.” -Mike Uboldi, president and chief executive officer, in a news release.

Source: rgj.com, Reno Gazette-Journal, “St. Mary’s warns of possible data leak,” July 24.

An employee of McLean, Va.-based investment company, Wagner Resource Group, accidentally exposed the personal information of thousands of its clients through LimeWire, a peer-to-peer (P2P) network.

What type of personal information? Names, Social Security numbers and birth dates.

How many victims? 2,000.

What happened? An employee’s P2P software apparently was configured to allow the sharing of documents with other LimeWire users.

Details: Among the victims is U.S. Supreme Court Justice Stephen Breyer. Tiversa, the P2P security company hired by Wagner to respond to the breach, determined that more than a dozen LimeWire users downloaded the files containing the confidential data.

Quote: “I didn’t even know what peer-to-peer was. I do now.” - Wagner Resource Group founder Phylyp Wagner.

Source: washingtonpost.com, The Washington Post, “Justice Breyer is Among Victims in Data Breach Caused by File Sharing,” July 9.

A vulnerability in the Organ and Tissue Donor Registry, run by Florida’s Agency for Health Care Administrators, could have permitted the authorized viewing of the confidential data of some 55,000 people.

What type of personal information? Names, addresses, birth dates and driver’s license numbers.

Details: The breach occurred on June 20, and the hole was plugged a day later. Officials do not believe the information was wrongfully accessed.

Source: Associated Press, Naples (Fla.) News, “Breach in Fla. donor registry may have exposed IDs,” July 7.