Potential victims of TRICARE data breach offered credit monitoring

Monday - 11/7/2011, 9:36am EST

By Jack Moore
Federal News Radio

After computer tapes containing the health records of nearly 5 million military clinic patients were stolen from a contractor's car, the Defense Department has announced potential victims of the data breach will receive free credit monitoring for a year.

A Science Applications International Corporation employee reported the tapes stolen in September in Texas. The tapes may have included names, Social Security numbers, addresses and some personal health data but not financial or bank account information, according to the TRICARE Management Activity, the military's health system.

Now, TRICARE has directed SAIC the provide one year of credit monitoring and restoration services to patients who have expressed concern about their credit.

"We take this incident very seriously," said Brig. Gen. W. Bryan Gamble, the deputy director of TRICARE, who said the steps taken "exceed the industry standard" for identify theft. "The risk to our patients is low, but the Department of Defense is taking steps to keep affected patients informed and protected."

TRICARE reiterated that there's no evidence the data has been accessed by a third party. The chances of that actually happening are low, because retrieving the data from the tapes would require specific knowledge of the hardware and software systems and the data structure, according to TRICARE.

While the risk of access is low, the scope of the breach is huge.

Some 4.9 million patients treated at military hospitals and clinics in the past 20 years could be affected by the breach.

SAIC has launched a call incident response center to field calls from concerned patients. The call centers hours are Monday through Friday, 9 a.m. to 6 p.m. EST. The number is (855) 366-0140 (toll free) for United States callers and (952) 556-8312 (collect) for international calls.

RELATED STORIES:

DoD hit with class action suit for TRICARE data breach

Agencies consider privacy training after TRICARE data breach