Data breaches normally entail online intrusions these days, but New York City's fire department is dealing with a classic problem: the physical storage is simply gone. FDNY has warned that an employee's personal hard drive went missing last March, potentially exposing the medical records of 10,253 patients treated by emergency services between 2011 and 2018. While there's no evidence that someone accessed the data, the department is treating this like a 'regular' breach by notifying the patients and offering credit monitoring to 3,000 patients whose social security numbers might have been compromised.
The unnamed staffer had clearance to access the records and transferred them to the personal drive. The drive was later reported missing.
Incidents like this are rare, but serve as a reminder that physical data security is still a serious problem. Even in unintentional losses, it might not take much for info to fall into the wrong hands. And when health care data is particularly valuable for state-backed hackers and criminal outfits alike, even a small loss could have dire consequences.