Data Breach at Home Monitoring Company Exposes 150K Patients’ Files | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

Data Breach at Home Monitoring Company Exposes 150K Patients’ Files

October 11, 2017
by Rajiv Leventhal
| Reprints

Security researchers have uncovered a data breach linked to a healthcare services company, Patient Home Monitoring Corporation (PHM), in which patient files of some 150,000 Americans were exposed.

According to one report in Gizmodo, lab test results and other patient files, discovered by researchers at the Kromtech Security Center, had been stored on an unsecured Amazon S3 bucket. “According to Kromtech, the files were publicly accessible and unprotected by a password. A cursory examination of the contents revealed a wide range of sensitive details about patients whose names, addresses, phone numbers, diagnoses, and test results were exposed,” the report stated.

The report noted that the files were linked to Patient Home Monitoring Corporation, a Lafayette, La.-based company that provides U.S. patients with in-home monitoring and disease management services. The data breach contained about 47.5 GB-worth of data composed of roughly 316,000 PDF files.

On Oct. 5, PHM was alerted that sensitive medical records belonging to the company had been exposed. Following notification, the bucket was secured on the same day. PHM did not, however, respond to Kromtech’s inquiries, per the Gizmodo report.

Providing some additional information, MacKeeper Security Research Center reported that the breach “contained medical data in 316,363 PDF reports in the form of weekly blood test results. Many of these were multiple reports on individual patients. It appears that each patient had weekly test results totaling around 20 files each.”

Get the latest information on Cybersecurity and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More

Topics

News

Survey: Most Providers Say Interoperability by 2020 Not Attainable with Current Federal Policies

The majority of healthcare providers (71 percent) believe that current federal polices, committees and regulations are not sufficient to help the country attain meaningful health IT interoperability by 2020.

House Committee Presses Nuance Executives on NotPetya Attack

he U.S. House Energy and Commerce Committee is requesting that Nuance Communications executives provide more information about the malware incident, called NotPetya, that impacted the company, along with multinational companies in 65 countries, back in June.

Regenstrief Researchers to Study Impact of HIE on Emergency Care

Scientists at the Indianapolis-based Regenstrief Institute are conducting what they say is the first study of health information exchange (HIE) use over multiple years to evaluate whether it improves patient outcomes in emergency departments.

Report: Healthcare Organizations Struggle with Human Error in Securing PHI

In the first nine months of 2017, unintended disclosure accounted for 41 percent of healthcare data breach incidents, according to a report from specialist insurer Beazley.

Three More Providers Receive 2017 HIMSS Davies Awards

Three patient care organizations have received the 2017 global Healthcare Information and Management Systems Society (HIMSS) Enterprise Nicholas E. Davies Award of Excellence for healthcare technology innovations that improve patient outcomes.

Medtronic, American Well Team Up to Integrate Telehealth Capabilities

Medtronic and American Well announced a partnership to offer a telehealth solution focused on the unique needs of the complex, chronic, co-morbid patient population.