This point was crystallized for Baltimore-area customers of Rite Aid pharmacy who received warning from the company Wednesday in a statement that their prescription and personal information may have been compromised by looting during the riots in late April following the death of Freddie Gray while in police custody.
Rite Aid officials reported that labels on stolen prescription bottles taken from pharmacies contained information such as names, addresses and types of medication, but not more sensitive identification data, like credit card numbers or Social Security information.
“It would not surprise me if patients who used those pharmacies that were looted later learned they were victims of medical identity fraud,” Ann Patterson, senior vice president and program director of the Medical Identity Fraud Alliance, told the Baltimore Sun.
Health records and digital medical data are becoming increasingly valued on the black market, and even a name, phone number and address can offer an enticing starter set of information for identity thieves.
CVS pharmacies, as well as several other looted drug stores in the area, are also expected to notify customers of potentially compromised information. The Drug Enforcement Administration is currently reviewing surveillance footage from 27 pharmacies across the city in hopes of bringing charges against looters, a spokesman told the Baltimore Sun.
More articles on data breaches:
Dignity Health subsidiary reports data breach due to stolen, unencrypted laptop
Judge dismisses class-action lawsuit against UPMC for 2014 data breach
800 patients’ records compromised at Jefferson Hospital: 4 things to know
