“Advocate Aurora Health (AAH), a 26-hospital healthcare system in Wisconsin and Illinois, is notifying its patients of a data breach that exposed the personal data of 3,000,000 patients.
“The incident was caused by the improper use of Meta Pixel on AAH’s websites, where patients log in and enter sensitive personal and medical information.
“Meta Pixel is a JavaScript tracker that helps website operators understand how visitors interact with the site, helping them make targeted improvements.
“However, the tracker also sends sensitive data to Meta (Facebook) and is then shared with a massive network of marketers who target patients with advertisements that match their conditions.
“This privacy breach has taken the U.S. by storm, as Meta Pixel is used by many hospitals in the country, exposing millions of people to third parties and sparking class action lawsuits against the responsible organizations.”
Info leaked:
IP address
Dates, times, and locations of scheduled appointments
Proximity to an AAH location
Medical provider information
Type of appointment or procedure
Communications between MyChart users, which may have included first and last names and medical record numbers
Insurance information
Proxy account information
—
Aha! Ol’ Zucky is in there again!
Seriously, this needs some more bite than a CAL; huge fines and maybe some jail time for cocky little CEO’s in gray t-shirts. Right beside him should sit the Aurora staff idiot who cooked up the deal to snark off patient’s information to ol ‘Zucky.
Corporate C0-Conspirators, in shackles, side by side.
It’s a nice idea.
Win7 Pro SP1 64-bit, Dell Latitude E6330 ("The Tank"), Intel CORE i5 "Ivy Bridge", 12GB RAM, Group "0Patch", Multiple Air-Gapped backup drives in different locations. Linux Mint Newbie
--
"The more kinks you put in the plumbing, the easier it is to stop up the pipes." -Scotty
