Sequoia Hospital Data Breach (2007)

A contractor working for Sequoia Hospital inadvertently posted the names and Social Security numbers of 391 current and former hospital employees on a public website, where it stayed for four years. An employee for Towers Watson, an international professional services firm, posted the information in October 2007, according to a statement issued Thursday by hospital CEO Glenna Vaskelis. It was removed Dec. 2 after the hospital learned of the error. A hospital spokeswoman said none of the employees has reported being harmed or defrauded due to the security breach. The hospital did not specify where the information was posted. "The file was not prominently displayed, but we ascertained it could have been accessed through a targeted Internet search," Vaskelis said. While the CEO said the hospital regretted the incident, its contract with Towers Watson has not been canceled.