Data Breach at U-Kentucky

The University of Kentucky is notifying 2,207 individuals following the theft of a laptop with information from a newborn screening program.

The password-protected, unencrypted laptop was stored in a locked, private room. Data on the device included patient and mother names, medical record numbers, date of birth, diagnosis, and some Social Security numbers of mothers. The laptop was stolen between June 18 and June 21. Following investigations, the University posted a public notice on its UKHealthCare web site on Aug. 19.

There is no indication that information on the laptop has been accessed or used, according to the university. The public notice gives information on avoiding identity theft but does not indicate if affected individuals are being offered free credit and identity protection services. The notice notes the university is taking unspecified steps to improve security. A university spokesperson did not return a call asking for additional information.

--Joseph Goedert