FTC: Major search engine indexed medical transcripts containing psychiatric notes
Accidentally leaked credentials; Data dump; Insider attack
GMR Transcription Services agreed to settle Federal Trade Commission charges that the company exposed health and personal information on the open Internet, including consumer medical histories and exam notes.
Fedtrans, one of the firm’s contractors, used an application that “transmitted files in clear readable text and was configured so that the files could be accessed online by anyone,” according to court papers.
The digital records “were indexed by a major internet search engine,” FTC officials stated, and, according to the court papers “were accessed, using the search engine.”
Some of the records contained children’s exam notes and “highly sensitive medical information, such as information about psychiatric disorders, alcohol use, drug abuse, and pregnancy loss,” the court documents state.
Files also included names, birthdays, tax information, medications, and, in some cases, employment histories and marital status.
ThreatWatch is a regularly updated catalog of data breaches successfully striking every sector of the globe, as reported by journalists, researchers and the victims themselves.
Healthcare and Public Health
January 31, 2014
Link to report
1000s of consumers
location of breach
location of perpetrators
date breach occurred
between March 2011 and October 2011
date breach detected