Details of Stanford Data Breach Revealed

Published: October 5, 2011

PALO ALTO, Calif. — The medical records of 20,000 emergency room patients from Stanford University’s hospital were posted publicly on a commercial Web site for nearly a year after a data breach.

The names and diagnosis codes of 20,000 patients were in the possession of a vendor called Multi-Specialty Collection Services, and ended up on a Web site called “Student of Fortune,” The New York Times reports. The Web site allows students to solicit assistance with their school work for a fee.

The spreadsheet first appeared on the site as an attachment to a question about how to convert data into a bar graph.

The spreadsheet was initially sent to a job prospect as part of a skills test by Frank Corcino, a marketing agent for Multi-Specialty Collection Services, The New York Times reports. The applicant sought help on the test by posting the data on the Web site.

——Article Continues Below——

Get the latest industry news and research delivered directly to your inbox.

The data remained on the site until a patient discovered it on Aug. 22 and notified the hospital.

Related Articles:

Strategy & Planning Series
Strategy & Planning Series
Strategy & Planning Series
Strategy & Planning Series
Strategy & Planning Series