Data Breach at Home Monitoring Company Exposes 150K Patients’ Files | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

Data Breach at Home Monitoring Company Exposes 150K Patients’ Files

October 11, 2017
by Rajiv Leventhal
| Reprints

Security researchers have uncovered a data breach linked to a healthcare services company, Patient Home Monitoring Corporation (PHM), in which patient files of some 150,000 Americans were exposed.

According to one report in Gizmodo, lab test results and other patient files, discovered by researchers at the Kromtech Security Center, had been stored on an unsecured Amazon S3 bucket. “According to Kromtech, the files were publicly accessible and unprotected by a password. A cursory examination of the contents revealed a wide range of sensitive details about patients whose names, addresses, phone numbers, diagnoses, and test results were exposed,” the report stated.

The report noted that the files were linked to Patient Home Monitoring Corporation, a Lafayette, La.-based company that provides U.S. patients with in-home monitoring and disease management services. The data breach contained about 47.5 GB-worth of data composed of roughly 316,000 PDF files.

On Oct. 5, PHM was alerted that sensitive medical records belonging to the company had been exposed. Following notification, the bucket was secured on the same day. PHM did not, however, respond to Kromtech’s inquiries, per the Gizmodo report.

Providing some additional information, MacKeeper Security Research Center reported that the breach “contained medical data in 316,363 PDF reports in the form of weekly blood test results. Many of these were multiple reports on individual patients. It appears that each patient had weekly test results totaling around 20 files each.”

Get the latest information on Cybersecurity and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More

Topics

News

Allscripts Acknowledges Ransomware Attack, Says Impact is “Limited”

Health IT vendor Allscripts has acknowledged that it is investigating a ransomware incident that has impacted a limited number of its applications.

AHRQ to Fund Patient Safety Learning Laboratories

The federal Agency for Healthcare Research Quality plans to spend up to $5 million in fiscal 2018 to support as many as eight patient safety learning laboratories.

RCM Global Software Market to Hit $43.3B by 2022, Report Finds

The global market for healthcare revenue cycle management software is estimated to reach $43.3 billion by the end of 2022, according to a report from Future Market Insights (FMI).

Global Open Source HIT Project Gets $1M Donation From Cryptocurrency Philanthropy

OpenMRS, Inc., an open source medical records platform used in developing countries, has received a $1 million donation from the Pineapple Fund, an $86 million cryptocurrency philanthropy created by an anonymous donor known only as “Pine.”

Media Reports: Massive Data Breach of Norwegian Health Authority Could Impact 3 Million Patients

International media outlets are reporting that a hacker or hacker group breached the systems of Norway’s Health South East EHF, potentially compromising the healthcare data of nearly 3 million patients, or about half of Norway’s population.

Healthcare Groups Call for Improvements to Prior Authorization Process

A collaborative of healthcare organizations, including the American Medical Association, the American Hospital Association, and the Medical Group Management Association, released a joint statement this week calling for improved prior authorization procedures, including automating the process to improve transparency and efficiency.