Mental Health Provider Has Exposed Patient Data
Highly sensitive health details, including audio and video of therapy sessions, were openly accessible on the Internet, new research has revealed.
Cyber security Researcher, Jeremiah Fowler, discovered and reported about a non-password-protected database that contained thousands of records belonging to Confidant Health, an AI-powered platform offering mental health and addiction treatment.
The database contained patient personal information, psychosocial assessments including details about mental health or substance abuse, ID cards, health insurance information.
The cache of information, associated with a US health care firm, included more than 120,000 files and more than 1.7 million activity logs. Fowler discovered the exposed mass of information in an unsecured database linked to virtual medical provider Confidant Health. The company, which operates across five states including Connecticut, Florida, and Texas, helps provide alcohol- and drug-addiction recovery, alongside mental health treatments and other services.
The 5.3 terabytes of exposed data included extremely personal details about patients that go beyond personal therapy sessions.
Files seen by Fowler included multiple-page reports of people’s psychiatry intake notes and details of the medical histories. “At the bottom of some of the documents it said ‘confidential health data,’” Fowler says. The exposed health documents include some medical notes on people’s appearance, mood, memory, their medications, and overall mental status. One spreadsheet seen by the researcher appears to list Confidant Health members, the number of appointments they’ve had, the types of appointment, and more.
The exposure of sensitive patient data poses a significant risk to their privacy and could lead to various negative consequences, including identity theft, medical identity theft, extortion, and blackmail. Criminals could use this information to open fraudulent accounts, file false insurance claims, target patients with threats to release their mental health information and exploit their vulnerabilities.
VPNMentor | Wired | Data Breaches | Mail | HackRead | HIPPA Journal
Image: Pexels
You Might Also Read:
Millions Of US Voters Exposed Online:
If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.
- Individual £5 per month or £50 per year. Sign Up
- Multi-User, Corporate & Library Accounts Available on Request
- Inquiries: Contact Cyber Security Intelligence
Cyber Security Intelligence: Captured Organised & Accessible