Security breaches are, unfortunately, common occurrences now. And the latest episode involves Genentech which, two months ago, discovered that computers run by an unnamed vendor were violated. As a result, personal data belonging to an unspecified number of people who are enrolled in its patient assistance program was compromised.

This includes such information as name; address; phone; date of birth; e-mail address; driver’s license number; Social Security number; medical information and health insurance information, according to a September 29 letter that the Roche unit wrote to the New Hampshire Attorney General (see this). The letter says that 10 people were affected, but this only pertains to that one state.

As noted by PHIPrivacy, which first wrote about this, the number of people whose data may have been accessed could easily be much larger than just 10. We have asked Genentech for a rundown on the extent of the problem and how many people are enrolled in its patient assistance programs, and will update you accordingly. Meanwhile, Genentech is offering credit monitoring and identify theft protection insurance free of charge to those whose data was compromised.

[UPDATE: At 12 noon ET, a Genentech spokeswoman wrote us to say "this incident affected approximately 3,500 patients, less than 1 percent of the well over one million people who have used Genentech’s patient support programs."]

Security breaches plagued a couple of drugmakers three years ago. Pfizer, in particular, suffered several episodes that involved tens of thousands of employees (read here). And a Bristol-Myers Squibb data tape containing reams of personal information was stolen an untold number of current and former employees - and their dependents - were jeopardized (see here). However, these did not involve patients.