DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

St. Elizabeth Physicians’ email gaffe exposed patient email addresses

Posted on September 15, 2016 by Dissent

Here’s an incident involving St. Elizabeth Physicians that happened last month but just showed up on HHS’s public breach tool now. From their August 23 notice:

On July 12, 2016 St. Elizabeth Physicians inadvertently released the email addresses of 674 individuals in an email sent by its Weight Management Center inviting the recipients to a vitamin presentation and open forum meeting. The sender inadvertently and mistakenly failed to blind copy the recipients thus allowing all email addresses to be visible by all recipients.  No social security numbers, phone numbers, addresses, or any other personal health or identification information was disclosed. The only information disclosed was email addresses.

Although there is a very low risk to the affected individuals, St. Elizabeth Physicians has offered to provide each individual one year of identity theft monitoring at St. Elizabeth Physicians’ expense and has encouraged the notified individuals to, as always, use caution when receiving any email related to the solicitation of information or for the sale of products and services.

St. Elizabeth Physicians has promptly and thoroughly investigated the matter and has reviewed its procedures. Corrective action has been pursued to avoid this from happening in the future.

St. Elizabeth Physicians takes patient confidentiality very seriously and is committed to maintaining the privacy and security of all patient information. St. Elizabeth Physicians regrets that this incident has occurred and is committed to preventing future occurrences.

Patients may call 1-855-809-9217 from 9:00 a.m. – 5:00 p.m. with any questions or submit inquires electronically here. Trained staff is available to address any questions related to this matter.

Some email addresses may have revealed the patients’ names, but even so, offering identity theft monitoring for exposing email addresses (and maybe names)? Seriously? That’s going a bit far…

Category: ExposureHealth DataU.S.

Post navigation

← Geisinger Health Plan notifies 2800 that processing error exposed their PHI to others
OH: City says it wasn’t hacked by group →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Masimo Manufacturing Facilities Hit by Cyberattack
  • Education giant Pearson hit by cyberattack exposing customer data
  • Star Health hacker claims sending bullets, threats to top executives: Reports
  • Nova Scotia Power hit by cyberattack, critical infrastructure targeted, no outages reported
  • Georgia hospital defeats data-tracking lawsuit
  • 60K BTC Wallets Tied to LockBit Ransomware Gang Leaked
  • UK: Legal Aid Agency hit by cyber security incident
  • Public notice for individuals affected by an information security breach in the Social Services, Health Care and Rescue Services Division of Helsinki
  • PowerSchool paid a hacker’s extortion demand, but now school district clients are being extorted anyway (3)
  • Defending Against UNC3944: Cybercrime Hardening Guidance from the Frontlines

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The App Store Freedom Act Compromises User Privacy To Punish Big Tech
  • Florida bill requiring encryption backdoors for social media accounts has failed
  • Apple Siri Eavesdropping Payout Deadline Confirmed—How To Make A Claim
  • Privacy matters to Canadians – Privacy Commissioner of Canada marks Privacy Awareness Week with release of latest survey results
  • Missouri Clinic Must Give State AG Minor Trans Care Information
  • Georgia hospital defeats data-tracking lawsuit
  • No Postal Service Data Sharing to Deport Immigrants

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.