Security News > 2023 > March > Mental health provider Cerebral alerts 3.1M people of data breach
Healthcare platform Cerebral is sending data breach notices to 3.18 million people who have interacted with its websites, applications, and telehealth services.
Cerebral is a remote telehealth company that provides online therapy and medication management for various mental health conditions, including anxiety, depression, ADHD, Bipolar Disorder, and substance abuse.
Due to a tracking pixel's data logging features, Cerebral said the sensitive medical information of people who used the provider's platform was exposed to third parties without the patient's permission.
"Cerebral recently initiated a review of its use of Tracking Technologies and data sharing practices involving Subcontractors," warned Cerebral's privacy breach notice.
"On January 3, 2023, Cerebral determined that it had disclosed certain information that may be regulated as protected health information under HIPAA to certain Third-Party Platforms and some Subcontractors without having obtained HIPAA-required assurances."
Cerebral reported on the U.S. Department of Health and Human Services breach portal that 3,179,835 people had their information exposed as part of this breach.
News URL
Related news
- Data breach at Japanese telecom giant NTT hits 18,000 companies (source)
- PowerSchool previously hacked in August, months before data breach (source)
- Western Alliance Bank notifies 21,899 customers of data breach (source)
- Sperm donation giant California Cryobank warns of a data breach (source)
- Pennsylvania education union data breach hit 500,000 people (source)
- StreamElements discloses third-party data breach after hacker leaks data (source)
- Texas State Bar warns of data breach after INC ransomware claims attack (source)
- Food giant WK Kellogg discloses data breach linked to Clop ransomware (source)
- The quiet data breach hiding in AI workflows (source)
- Hertz confirms customer info, drivers' licenses stolen in data breach (source)