Diabetic Patients’ Private Personal and Health Information Leaked Online for Months

The personal and health information of close to a million people was recently exposed online.

A database chock full of personal details on more than 900,000 people was available online, unprotected, for months. Telemarketers used the database to market products to customers who are mostly older and diabetic.

The data included names, addresses, dates of birth, phone numbers, email addresses, Social Security numbers, health insurance information and other data relating to people’s health issues. Even worse, the information was up for months, according to DataBreaches.net, which also investigated the incident along with ZDNet.com.

According to this ZDNet.com story, “a former developer working at a telemarketing company uploaded a backup of its database to the internet.”

Twitter user Flash Gordon first contacted DataBreaches.net about the exposed data on March 25. He’d discovered it by running a search on Shodan, a search engine for open ports and databases.

The database belongs to HealthNow Networks, a medical supply and equipment company that is no longer a registered business, according to the ZDNet.com story.

Concerned your info might have been part of this leak?

Troy Hunt of HaveIBeenPwned.com identified more than 320,000 unique email addresses included in the data. Since those people are at higher risk of being contacted for scams or targeted phishing emails, Hunt agreed to help notify folks. Interestingly, according to Hunt, more than 80 percent of those email addresses were already included in HaveIBeenPwned.com, which suggests that “these lists are being circulated widely by spammers, and perhaps, scammers,” according to the DataBreaches.net story.

The takeaway from the incident?

“Before you give your personal or health insurance information to telemarketers or firms that call to offer you supplies for diabetes or back pain or other conditions, think twice,” the DataBreaches.net story advises. “And then think again, because do you really know whether the individual or firm you are giving your identity information to is trustworthy or to whom they may be giving it?”

Good advice, indeed. For other things you can do to keep your medical health information safe, visit our recent blogpost Six Safeguards You Should Take Now to Protect Your Private Medical Health Information.”

 


Are you covered for identity theft?
Get Covered

Image: Pixabay