A security breach in an online computer system at Mary Washington Hospital exposed the private medical information of some of its maternity patients.
A man who tried to use the Fredericksburg hospital's online registration system for his expectant wife said the files for 803 patients were publicly available on the site. On Friday, a hospital official described the breach as an "anomaly." Hospital officials first learned of the breach when a Spotsylvania County sheriff's deputy notified them that the online registration feature at the MediCorp.org Web site was not working correctly. Gary Dennison tried to register at the website. Week after that a stranger who gave his name as "Mike" called her house the night of Saturday, Oct. 11, to tell her that he was looking at private information about her and her husband on the MediCorp site. The man knew the couple's Social Security numbers, phone numbers, address, insurance carrier, her birth date and her doctor's name. Mike said that he found series of internal pages that contained private information for 803 people, apparently everyone who had registered online for a delivery since Dec. 27, 2007. He said he picked several people at random and called to warn them.
