Joseph Patrick McCormick reports that 780 patients at the 56 Dean Street sexual health clinic in London had their names, HIV status, and contact details exposed to one another.
The breach occurred when an employee sent out an email newsletter but put the mailing list in the “To:” field instead of the “bcc” field.
The clinic is operated by the Chelsea and Westminster NHS Trust.
The Guardian has additional details on the incident.