Cerebral Breach
Date: October, 2021Cerebral is a telehealth company that helps connect patients with mental health professionals from around the country. The provider works with tens of thousands of patients and manages a great deal of health information as a result. The company accidentally disclosed some information protected by HIPAA and has just made the issue known to its patients.
What Was the Breach?
- Full Name
- Email Address
- IP Address
- Date of Birth
- Demographic Information
- Subscription Type
- Treatment Options
- Health Insurance
- Selected Services
How Did the Breach Occur?
The Cerebral breach occurred because the company was utilizing data tracking tools that made too much information available to its subcontractors. Some companies working with Cerebral were able to see more health information about the company's patients than what is approved by HIPAA standards. While there isn't a likely risk of identity theft from the data disclosed, it's still important for patients to be aware that their information is out there more than they might have realized.
When Did This Breach Occur?
The Cerebral data breach has been an issue since October 12, 2019, when new tracking solutions were installed on the company's systems. It wasn't until January 3, 2023, that the company realized it was disclosing more information than it was allowed to. That means that for more than three years, patient data has been being leaked to subcontractors that deal with the company.
Who Does the Breach Impact?
This Cerebral breach impacts current and past patients that have used the service. If you entrusted your data to the organization, some of it might have been shared with subcontractors that don't have a right to see it. No financial data, credit card information, or Social Security numbers were shared by this mistake. If you want to avoid this issue in the future, you can block cookies from the Cerebral website and erase your current cookies to prevent the site from having access to as much data.
How Many Files Does the Breach Affect?
The Cerebral data leak affects hundreds of thousands of cookie files offered by patients working with the network. The files contain limited health data, but they might still be a concern to some patients, particularly worried about their privacy.
Recent Breaches
Cisco Duo Breach
Cisco Duo is an access security provider that offers solutions for small business and commercial control products, including multi-factor authentication (MFA), single sign-on, and access control services....
AT&T Breach
American Telephone and Telegraph Company (AT&T) is the fourth-largest telecommunications provider, behind Verizon, Comcast, and China’s state-funded communications solution...
Fujitsu Limited Breach
Fujitsu Limited is the world’s sixth-largest IT service provider. Based in the Minato City ward of Tokyo, Japan, Fujitsu offers various technology solutions for personal and commercial use...
Cybersecurity and Infrastructure Security Agency Breach
The CISA collaborates with other government agencies to notify victims of breaches and respond to threats. These include the Federal Bureau of Investigation, the Multi-State Information Sharing & Analysis...
Roku Inc. Breach
Roku is a global streaming and entertainment organization. It offers solutions for direct streaming, live channels, music, niche channel entertainment, smart home devices, travel technology, audio options,...