America’s leading healthcare provider is making some shocking revelations regarding a huge data breach. And it has gone on to affect nearly 1.3 million hospital patients.
According to Novant Health, the incident has taken place due to some major errors by Meta Pixel, a tool that was formerly known as Facebook Pixel.
The company’s ad tracking script has mistakenly collected sick patients’ data, as revealed in the latest research report. And that has exposed so much information that it’s hard to comprehend right now.
For those who are unaware of Meta Pixel, well, it’s another name reserved for a tracking script that is used by Facebook’s advertisers. They use this to include data on their website so it can better track the performance of such ads.
The whole process related to gaining access to users’ unauthorized data is beginning to worry many as it first began in the year 2020 in May. During that time, the company Norvant carried out a series of promotional campaigns linked to its COVID-19 vaccine drive and that also had Facebook ads.
To better track such ads, the firm mentioned a certain Meta Pixel code on their webpage to better determine how such ads really worked.
A statement was published last week that the company’s code had been misconfigured on the healthcare provider’s site as well as the ‘MyChart’ portal and that is what led to this entire fiasco taking center stage.
In this way, sensitive data or private information was sent out to meta and all other marketing partners involved in the deal.
Some examples of the types of data collected included the likes of email IDs, phone numbers, IP addresses, emergency contact details, names of doctors selected, portal menus selected, and dates of appointments.
Today, the portal called MyChart is being used by nearly 64 different healthcare providers in the country. This way, appointments can be made, refills for prescriptions are carried out, and patients can contact their providers too.
The bad news related to this information is linked to users that may not have ever used this service being affected, thanks to all the misconfiguration taking place.
It was not until May of 2022 that we saw Novant delete Meta Pixel from all of its pages and various portals. At that time, IT teams came to the sudden realization that things weren’t right. Hence, the exposure did last a good two years.
The company has mentioned in its public statement how its slowly but surely becoming aware of the reality of the situation. And on that note, it opted to quickly take action but many feel that was just not good enough as data was already exposed to millions of patients.
Novant added how it realizes that the impact of this entire ordeal has been major and only after conducting such a major investigation has it been able to make these findings. Therefore, all of those to whom notices were sent out would now be seeing themselves as a part of the breach.
The healthcare firm adds that it has repeatedly reached out to tech giant Meta on several occasions so it would delete the data exposed. However, it failed to get any sort of response from the company.
This isn’t the first time we’ve heard about Meta and healthcare centers being involved in such litigations. There are similar reports of a class action case filed against Facebook’s parent firm for the collection of private data of patients knowingly. So as you can see, Meta really needs to open its eyes before it’s too late.
H/T: TR
Read next: Meta Releases New Promotional Campaign Of The Metaverse Amid Great Criticism
According to Novant Health, the incident has taken place due to some major errors by Meta Pixel, a tool that was formerly known as Facebook Pixel.
The company’s ad tracking script has mistakenly collected sick patients’ data, as revealed in the latest research report. And that has exposed so much information that it’s hard to comprehend right now.
For those who are unaware of Meta Pixel, well, it’s another name reserved for a tracking script that is used by Facebook’s advertisers. They use this to include data on their website so it can better track the performance of such ads.
The whole process related to gaining access to users’ unauthorized data is beginning to worry many as it first began in the year 2020 in May. During that time, the company Norvant carried out a series of promotional campaigns linked to its COVID-19 vaccine drive and that also had Facebook ads.
To better track such ads, the firm mentioned a certain Meta Pixel code on their webpage to better determine how such ads really worked.
A statement was published last week that the company’s code had been misconfigured on the healthcare provider’s site as well as the ‘MyChart’ portal and that is what led to this entire fiasco taking center stage.
In this way, sensitive data or private information was sent out to meta and all other marketing partners involved in the deal.
Some examples of the types of data collected included the likes of email IDs, phone numbers, IP addresses, emergency contact details, names of doctors selected, portal menus selected, and dates of appointments.
Today, the portal called MyChart is being used by nearly 64 different healthcare providers in the country. This way, appointments can be made, refills for prescriptions are carried out, and patients can contact their providers too.
The bad news related to this information is linked to users that may not have ever used this service being affected, thanks to all the misconfiguration taking place.
It was not until May of 2022 that we saw Novant delete Meta Pixel from all of its pages and various portals. At that time, IT teams came to the sudden realization that things weren’t right. Hence, the exposure did last a good two years.
The company has mentioned in its public statement how its slowly but surely becoming aware of the reality of the situation. And on that note, it opted to quickly take action but many feel that was just not good enough as data was already exposed to millions of patients.
Novant added how it realizes that the impact of this entire ordeal has been major and only after conducting such a major investigation has it been able to make these findings. Therefore, all of those to whom notices were sent out would now be seeing themselves as a part of the breach.
The healthcare firm adds that it has repeatedly reached out to tech giant Meta on several occasions so it would delete the data exposed. However, it failed to get any sort of response from the company.
This isn’t the first time we’ve heard about Meta and healthcare centers being involved in such litigations. There are similar reports of a class action case filed against Facebook’s parent firm for the collection of private data of patients knowingly. So as you can see, Meta really needs to open its eyes before it’s too late.
H/T: TR
Read next: Meta Releases New Promotional Campaign Of The Metaverse Amid Great Criticism