Insecure server is shut down
Stars and Stripes June 26, 2007
European edition, Tuesday, June 26, 2007
KAISERSLAUTERN, Germany — A defense contractor’s computer server used to process personal information for Air Force hospitals and clinics in Europe has been shut down due to inadequate security.
The contractor discovered the security problem during a routine inspection recently, and there is no indication the information was lost or stolen, said Capt. Erin Macri, a spokeswoman for U.S. Air Forces in Europe.
The data include names and Social Security numbers of between 2,000 and 5,000 patients.
The server contained information on about 8 percent of the patients who have received health care at Air Force medical facilities on the continent. The Air Force did not release the name of the U.S.-based contractor.
“Everything was transferred to a more secure server,” Macri said Monday.
The company voluntarily notified the Air Force of the security problem, she added. The Air Force is planning to notify affected patients due to a Defense Department rule that requires people to be notified for potential or actual loss of personal information.
Col. Mark Ediger, USAFE command surgeon, said in a statement Monday that the Air Force is advising airmen to take “precautionary measures” against potential identity fraud.
Ediger encouraged airmen to visit www.consumer.gov/idtheft and to check with major credit bureaus to learn more about identity theft.