Security News > 2022 > August > Misconfigured Meta Pixel exposed healthcare data of 1.3M patients

Misconfigured Meta Pixel exposed healthcare data of 1.3M patients
2022-08-22 18:16

U.S. healthcare provider Novant Health has disclosed a data breach impacting 1,362,296 individuals who have had their sensitive information mistakenly collected by the Meta Pixel ad tracking script.

To track these advertisements, the healthcare company added the Meta Pixel code to their site to measure how well the advertisements worked.

As explained in a statement published late last week, Meta pixel was misconfigured on Novant Health's site and the 'MyChart' portal, transmitting privacy information to Meta and its advertising partners.

"Immediately upon becoming aware that the pixel had the capability to transmit unintended information to Meta, Novant Health disabled and removed the pixel as a precaution and began an investigation to learn whether, and to what extent, information was transmitted," explains a disclosure on the Novant Health website.

Novant says it has reached out to Meta several times to delete the healthcare data but did not receive a response.

Recently, a class action lawsuit against Meta and two medical centers in the United States was filed alleging that the tech giant and its partners were knowingly collecting private information without requesting the user's consent through the Meta Pixel.


News URL

https://www.bleepingcomputer.com/news/security/misconfigured-meta-pixel-exposed-healthcare-data-of-13m-patients/