Email error leads to data breach

September 29th, 2016 by admin Leave a reply »

St. Elizabeth Physicians recently announced data breach. Disclosed information included email addresses. Social Security numbers, phone numbers, addresses, and any other personal health or identification information were not affected.

“St. Elizabeth Physicians is the multi-specialty physician organization of St. Elizabeth Healthcare, one of the oldest, largest, and most respected medical providers in the Greater Cincinnati region. “

According to the statement, “It inadvertently released the email addresses of 674 individuals in an email sent by its Weight Management Center inviting the recipients to a vitamin presentation and open forum meeting.”

The incident was the result of human error when the email sender did not blind copy the recipients. It allowed all email addresses to be visible by all recipients.

Facility mentioned that it is offering affected individuals one year of complimentary identity theft monitoring.

“St. Elizabeth Physicians has promptly and thoroughly investigated the matter and has reviewed its procedures,” the statement read. “Corrective action has been pursued to avoid this from happening in the future.”

“St. Elizabeth Physicians takes patient confidentiality very seriously and is committed to maintaining the privacy and security of all patient information. St. Elizabeth Physicians regrets that this incident has occurred and is committed to preventing future occurrences. “

Email mistakes leads to data breaches. Below are the few examples which involve emails.

A Goldman Sachs contractor accidentally sent a message to a gmail.com email address which was meant to be sent at gs.com. The email contained a confidential document. As per the statement by the Goldman Sachs, “ document contained highly confidential brokerage account information” and it has asked Google to help it prevent a “needless and massive” data breach.

Another example includes insurance brokerage firm Willis North America accidentally sending a spreadsheet to a group of employees enrolled in the company medical plan’s Healthy Rewards Program. Affected confidential information, including employees’ names, email addresses, birthdates, Social Security numbers, employee ID numbers, office locations, and the details of their medical insurance plans.

____________________________________________________________________________________________

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption software.

Leave a Reply