DataBreaches.net discovered today that two copies of a paste (data dump) with over 860 AOC patients’ information is still available online if you know where to look for it.
I’m providing a redacted screenshot below so patients can get a sense of what these pastes/leaks look like, although I’ve blacked out most of the street addresses, the patients’ last names, their date of birth, Social Security number, and other information that was in these records. The first leak by the hackers was removed after AOC reported it to Pastebin; that leak had 500 patients’ information in the same format as the one below.
Keep in mind that there were over 860 entries like the few you’re seeing below and there was more than one copy of this paste on Pastebin. According to Pastebin, there have been 52 views of this paste as of today.
Here are the data fields labels that were in this database, although not all fields had data in them:
“/Today”,”/TodayLong”,”/PrimaryHealthInsCo”,”/PrimaryHealthInsType”,”/SecondaryHealthInsCo”,”/
SecondaryHealthInsType”,”/Address1″,”/Address2″,”/Age”,”/AnAge”,”/AgeSingular”,”/DOB”,”/CellPhone”,”/
City”,”/Email”,”/Fax”,”FName”,”FNameCaps”,”LName”,”/MI”,”LNameCaps”,”/NamePrefix”,”/NameSuffix”,”/
Note”,”/personid”,”/Phone”,”/PhoneExtension”,”/WorkPhone”,”/WorkPhoneExtension”,”/Race”,”/
Sex”,”man/woman”,”male/female”,”male/femaleFirstCap”,”he/she”,”he/sheFirstCap”,”him/her”,”his/her”,
“his/herFirstCap”,”boy/girl”,”son/daughter”,”grandson/granddaughter”,”/SharedID”,”/SSNO”,”/State”,”/JobTitle”,”/
Zip”,”/UDF1″,”/UDF2″,”/UDF3″,”/UDF4″,”/UDF5″,”/UDF6″,”/UDF7″,”/UDF8″,”/UDF9″,”/UDF10″,”/PriDrPersonID”,”/
PriUDF1″,”/PriUDF2″,”/PriUDF3″,”/PriUDF4″,”/PriUDF5″,”/PriUDF6″,”/PriUDF7″,”/PriUDF8″,”/PriUDF9″,”/
PriUDF10″,”/PriDrAlias”,”/PriDrFirst”,”/PriDrLast”,”/PriDrNamePrefix”,”/PriDrNameSuffix”,”/PriNote”,”/
PriDrAddr1″,”/PriDrAddr2″,”/PriDrPhoneExtension”,”/PriDrEmail”,”/PriDrCellPhone”,”/PriDrFax”,”/PriDrPhone”,”/
PriDrZip”,”/PriDrState”,”/PriDrCity”,”/PriNPI”,”/RefPersonID”,”/RefDrAddr1″,”/RefDrAddr2″,”/RefDrCity”,”/
RefDrFirst”,”/RefDrLast”,”/RefDrNamePrefix”,”/RefDrNameSuffix”,”/RefNote”,”/RefDrPhone”,”/RefDrPhoneExtension”,”/
RefDrEmail”,”/RefDrCellPhone”,”/RefDrFax”,”/RefDrState”,”/RefDrZip”,”/RefUDF1″,”/RefUDF2″,”/RefUDF3″,”/
RefUDF4″,”/RefUDF5″,”/RefUDF6″,”/RefUDF7″,”/RefUDF8″,”/RefUDF9″,”/RefUDF10″,”/RefNPI”,”/PRIMINSPOLICYID”,”/
PRIMINSGROUPID”,”/SECONDARYINSPOLICYID”,”/SECONDARYINSGROUPID”
DataBreaches.net has reported the two pastes to Pastebin to ask them to remove them promptly, and will check back tomorrow to see if they have been removed.
Update 1 of Aug. 18: On July 25, this site reported that AOC had begun notifying patients (two) days after this site had notified it that a paste with 500 patients’ information had appeared on Pastebin with a note from the hackers. At the time, AOC gave this site a statement that said, in part:
At the same time as all this was going on, we found out about the Pastebin dumps just before your email (yet remain grateful to your letting us know, as well) and have been trying since early Saturday to get the first removed and then the second one since yesterday.
Last night, I discovered that in addition to the two pastes dated August 3rd that I reported yesterday as still being online, there was yet another paste – this one dated July 26 (after AOC’s statement) also still available online. This paste was identified by the hackers as a second copy of another paste. It also contains 500 patients’ details.
Note that these pastes would be very hard for AOC to find as they would not show up in a routine search. But how many entities did the hackers share the links to these pastes with? Each paste was viewed at least dozens of times.
DataBreaches.net has now requested that Pastebin remove this newly found paste, but that paste may put the number of unique patients’ leaked records at about 2,000 or more. I hope AOC has copies of all these pastes so that they know exactly which patients had their details leaked on Pastebin in addition to being put up for sale on TheRealDeal market.
Update of Aug 22: the pastes are still online, and I have emailed Pastebin again to request removal or an explanation of why they haven’t removed these pastes.
Holy shit. This is really friggin insane. Thanks for reporting it and for updating us. I’m beside myself.
AOC is not a small practice. They do very well for themselves. They should have known better, but their lack of response to the problem and doing little since acknowledging it shows the arrogance of this practice. I want to be included in any class action suit, I think they should be held accountable.
I would also like to be included In any class-action suit I think they should also be held accountable.