Update on Hackers Ransom Demand for Virginia Prescription Database
Last month, an unusual ransom demand was made on the Commonwealth of Virginia. See Encryption Used By Hackers to Demand Ransom for Virginia Prescription Database, May 5, 2009. In a posting late last week, the Virgina Department of Health Professions announced that it had sent a letter to affected individuals ("persons whose PMP records contained a nine-digit number that could be a social security number"). If you are crafting such a notice for your own use, this letter is of particular note. While it isn't a universally-approved model, it would seem like a pretty good initial response to a claim of inadequate notice that you used the same form that the Commonwealth of Virginia used.
