From their press release: Inmediata Health Group, Corp. (“Inmediata”) recently became aware of a data security incident that may have involved the limited personal and medical information of some of its customers’ patients. Inmediata is directly mailing notification letters to individuals who may have been affected by this incident and to provide resources to assist…
Category: Exposure
Greek DPA Issues EUR 30,000 Fine For Data Protection Violation by Hellenic Petroleum S.A.
Hunton Andrews Kurth writes: On April 15, 2019, the Greek Data Protection Authority (“DPA”) fined Hellenic Petroleum S.A. EUR 20,000 for unlawful processing of personal data and EUR 10,000 for failing to adopt appropriate data security measures. Hellenic Petroleum S.A. had engaged a vendor to conduct a study on its behalf. The study was exposed…
PA: Millions of rehab records exposed on Steps to Recovery’s unsecured database
Laura Hautala reports: It’s some of the most sensitive medical information a person could have. Records for potentially thousands of patients seeking treatment at several addiction rehabilitation centers were exposed in an unsecured online database, an independent researcher revealed Friday [link corrected by DataBreaches.net]. The records included patients’ names, as well as details of the…
ME: Acadia Hospital mistakenly released confidential information of 300 Suboxone patients
Callie Ferguson reports: A communications official at Northern Light Acadia Hospital in Bangor mistakenly emailed the confidential names of 300 patients with prescriptions for Suboxone, a medication used to treat opioid use disorder, to an editor at the Bangor Daily News last week. In addition to their names, the list also contained the identities of…
Over 100 Million JustDial Users’ Personal Data Found Exposed On the Internet
Remember what I said earlier today about India being a data protection mess? Here’s another example. Mohit Kumar reports: An unprotected database belonging to JustDial, India’s largest local search service, is leaking personally identifiable information of its every customer in real-time who accessed the service via its website, mobile app, or even by calling on…
Update on Meditab breach
On March 19, this blog linked to a TechCrunch report about an improperly secured Meditab fax server that potentially allowed fax images with patient information to be accessed from an analytics portal. The exposure had been found by SpiderSilk, a cybersecurity firm in Dubai, who estimated that 6 million images were potentially accessible. The TechCrunch…