Emily Thompson reports:
Tufts announced in a Thursday evening email to the community that its vaccine clinic provider, Pelmeds, has experienced a data breach involving images of patients’ insurance cards. The number of Tufts community members affected by the breach is still unknown. Tufts has ended its contract with the company and postponed all previously scheduled COVID-19 booster clinics, including one scheduled for tomorrow. The flu shot clinics planned for next Tuesday and Wednesday — which are not part of the Pelmeds partnership — will go forward as planned.
Read more at Tufts Daily.
The reporting doesn’t mention how the breach occurred. Was this a misconfiguration/exposure situation or a hack of Pelmeds or something else? DataBreaches has sent an email inquiry to Pelmeds to ask and will update this post when a reply is received.