Details of Stanford Data Breach Revealed

PALO ALTO, Calif. — The medical records of 20,000 emergency room patients from Stanford University’s hospital were posted publicly on a commercial Web site for nearly a year after a data breach.

The names and diagnosis codes of 20,000 patients were in the possession of a vendor called Multi-Specialty Collection Services, and ended up on a Web site called “Student of Fortune,” The New York Times reports. The Web site allows students to solicit assistance with their school work for a fee.

The spreadsheet first appeared on the site as an attachment to a question about how to convert data into a bar graph.

The spreadsheet was initially sent to a job prospect as part of a skills test by Frank Corcino, a marketing agent for Multi-Specialty Collection Services, The New York Times reports. The applicant sought help on the test by posting the data on the Web site.

The data remained on the site until a patient discovered it on Aug. 22 and notified the hospital.

Related Articles:

If you appreciated this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

Leading in Turbulent Times: Effective Campus Public Safety Leadership for the 21st Century

This new webcast will discuss how campus public safety leaders can effectively incorporate Clery Act, Title IX, customer service, “helicopter” parents, emergency notification, town-gown relationships, brand management, Greek Life, student recruitment, faculty, and more into their roles and develop the necessary skills to successfully lead their departments. Register today to attend this free webcast!

Get Our Newsletters
Campus Safety Conference promo