Millions of Cerebral healthcare patients get impacted by a breach

March 20, 2023
Cerebral Healthcare Patients Data Breach Medical Vendor Risk

About 3.8 million people were notified of a data breach that had recently affected a healthcare platform ‘Cerebral’ after the company detected that patients’ information had been exposed to third parties without appropriate consent.

According to Cerebral’s published notice on its website, the logging features of invisible pixel trackers they use on several third parties on its online services caused millions of patients’ data exposure. Some of these invisible pixel trackers are from Google, Meta, and TikTok.

 

Cerebral healthcare began a review of its Tracking Technologies and data-sharing practices involving third-party vendors.

 

In a report, the healthcare platform said that exactly 3,179,835 people had been impacted by the data breach stemming from the unauthorised disclosure of these data that may be regulated as protected health information (or PHI) under HIPAA to certain third-party platforms and subcontractors without obtaining HIPAA-required assurances.

The company added that the exposed data varies per individual, depending on what they had entered within Cerebral’s platform.

Nonetheless, people are advised that numerous personal information are involved in the breach, such as full names, contact numbers, email addresses, dates of birth, IP addresses, demographic data, subscription plan types, Cerebral client ID numbers, appointment dates, healthcare-related information, treatment details, and health insurance information.

On the other hand, all impacted patients are assured that their Social Security numbers, bank account details, and credit card details are safe from the breach.

Cerebral healthcare added that the leaked data may have begun on October 12, 2019, until January 3, 2023, when they first detected the incident by tracking pixels. As a part of the incident response from the company, they removed all trackers active on their platform to prevent further damage.

There is no evidence of data misuse from the Cerebral healthcare data breach incident. Still, patients must remain cautious against potential cyberattacks and reset their passwords on all online accounts to ensure their safety.

Free credit monitoring will also be provided to all affected people at risk by the data breach incident.

About the author

Leave a Reply