FTC: Major search engine indexed medical transcripts containing psychiatric notes

Accidentally leaked credentials; Data dump; Insider attack

GMR Transcription Services agreed to settle Federal Trade Commission charges that the company exposed health and personal information on the open Internet, including consumer medical histories and exam notes.

Fedtrans, one of the firm’s contractors, used an application that “transmitted files in clear readable text and was configured so that the files could be accessed online by anyone,” according to court papers.

The digital records “were indexed by a major internet search engine,” FTC officials stated, and, according to the court papers “were accessed, using the search engine.”

Some of the records contained children’s exam notes and “highly sensitive medical information, such as information about psychiatric disorders, alcohol use, drug abuse, and pregnancy loss,” the court documents state.

Files also included names, birthdays, tax information, medications, and, in some cases, employment histories and marital status.

ThreatWatch is a regularly updated catalog of data breaches successfully striking every sector of the globe, as reported by journalists, researchers and the victims themselves.


Healthcare and Public Health


January 31, 2014

reported by


number affected

1000s of consumers

location of breach




location of perpetrators


date breach occurred

between March 2011 and October 2011

date breach detected