Nearly 1 million people were affected by healthcare organization data breaches every month of 2020, and this month alone exposed over 40 million patient records. Sensitive personal and medical information including COVID-19 vaccination statuses, in the hands of criminals, can lead to medical identity theft and other types of identity fraud.
Here are the recent data breaches that made headlines in August 2021:
August 4, 2021: An marketing company, OneMoreLead, has exposed the personal records of 126 million individuals through an unsecured database posted online. The database containing names, job titles, email addresses, work email addresses, home device IP address, home address, work address, personal phone number, work phone number, and employer.
August 13, 2021: Cybersecurity researchers found an unsecured database containing over 3 million personal records of members belonging to a senior living review site, SeniorAdvisor. The database was not password protected and allowed access to information including names, emails, phone numbers and dates contacted.
August 17, 2021: An unauthorized third party gained access to the personal and medical data of over 637,000 patients of UNM Health. The information gathered by the third party includes patient names, addresses, dates of birth, medical record numbers, patient identification numbers, health insurance information, and some clinical information related to the healthcare services provided by UNM Health.
Microsoft Power Apps
August 24, 2021: A misconfiguration within Microsoft Power Apps, a Microsoft product, exposed at least 38 million records. The data leaks impacted American Airlines, Microsoft, J.B. Hunt and governments of Indiana, Maryland and New York City. The disclosed data includes COVID-19 vaccination statuses, social security numbers and email addresses.