The information in the records includes names, addresses, phone and Social Security numbers, as well as health data - clinical notes, laboratory tests, prescriptions, and more - belonging to former and current military personnel and their families that have been treated or whose laboratory workups were processed in any of the military treatment facilities in the San Antonio area between 1992 and September 7, 2011.
"The risk of harm to patients is judged to be low despite the data elements involved since retrieving the data on the tapes would require knowledge of and access to specific hardware and software and knowledge of the system and data structure," TRICARE was sure to note, and added that the stolen records do not contain financial data of any kind and that affected individuals will be notified with more details after they are identified.
According to Computerworld, SAIC's VP for media relations has revealed that the tapes got stolen from an employee's car while he was transferring them to a new facility. He also confirmed that the data wasn't encrypted because the OS used by the facility wasn't able to do so "in a manner that was compliant with a particular federal standard."
"The government facility was seeking a compliant encryption solution that would work with the operating system when the backup tapes were taken," he claimed.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.