Health system data breach due to Meta Pixel hits 3 million patients

Gandalf_The_Grey

Gandalf_The_Grey

Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,572
Content source
https://www.bleepingcomputer.com/news/security/health-system-data-breach-due-to-meta-pixel-hits-3-million-patients/
Advocate Aurora Health (AAH), a 26-hospital healthcare system in Wisconsin and Illinois, is notifying its patients of a data breach that exposed the personal data of 3,000,000 patients.

The incident was caused by the improper use of Meta Pixel on AAH's websites, where patients log in and enter sensitive personal and medical information.

Meta Pixel is a JavaScript tracker that helps website operators understand how visitors interact with the site, helping them make targeted improvements.

However, the tracker also sends sensitive data to Meta (Facebook) and is then shared with a massive network of marketers who target patients with advertisements that match their conditions.

This privacy breach has taken the U.S. by storm, as Meta Pixel is used by many hospitals in the country, exposing millions of people to third parties and sparking class action lawsuits against the responsible organizations.

In August 2022, U.S. healthcare provider Novant Health disclosed its improper use of Meta Pixel in its implementation of the 'MyChart' portal, exposing 1.3 million patients.

The 'MyChart' patient portal is also used by AAH, along with another platform named 'LiveWell,' both of which had active Meta Pixel trackers.
Click to expand...
AAH's data breach notification says that the following information may have been exposed via Meta Pixel:
  • IP address
  • Dates, times, and locations of scheduled appointments
  • Proximity to an AAH location
  • Medical provider information
  • Type of appointment or procedure
  • Communications between MyChart users, which may have included first and last names and medical record numbers
  • Insurance information
  • Proxy account information
AAH reported that the breach affected 3 million people to the U.S. Department of Health, which listed it on its breach report portal.

The healthcare provider has disabled the Pixel tracker on all systems and is implementing safeguards to prevent a similar exposure from happening again.

Patients are advised to use their web browsers' tracker-blocking features or use incognito mode when logging in on medical portals. Those with a Facebook or Google account should review their privacy settings.

AAH has also compiled a FAQ page to help patients find answers to common questions about the data breach.
Click to expand...
www.bleepingcomputer.com

Health system data breach due to Meta Pixel hits 3 million patients

Advocate Aurora Health (AAH), a 26-hospital healthcare system in the states of Wisconsin and Illinois, is notifying its patients of an unintentional data breach that impacts 3,000,000 individuals.
www.bleepingcomputer.com www.bleepingcomputer.com
 
  • Wow
  • Sad
  • Like
Reactions: vtqhtr413, upnorth, Venustus and 4 others
You must log in or register to reply here.

Similar threads

Gandalf_The_Grey
    • Wow
    • +Reputation
    • Thanks
Security News Healthcare software provider data breach impacts 2.7 million
Replies
2
Views
1,180
Security News
Jonny Quest
Jonny Quest
Gandalf_The_Grey
    • Like
    • +Reputation
    • Wow
Misconfigured Meta Pixel exposed healthcare data of 1.3M patients
Replies
0
Views
684
News Archive
Gandalf_The_Grey
Gandalf_The_Grey
Gandalf_The_Grey
    • Wow
    • +Reputation
    • Like
Ransomware gang steals data of 5.8 million PharMerica patients
Replies
0
Views
845
News Archive
Gandalf_The_Grey
Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top