Skip to Content

Massive medical records breach leaves 918K seniors vulnerable

There isn’t a much scarier thought than having your personal information stolen. Cybercriminals are hiding around every digital corner, trying to get their hands on data they’ll use to rip us off.

Sometimes, it doesn’t even feel safe to go to the grocery store. Now, visiting the doctor could put your digital life at risk.

How your medical records could be at risk

What we’re talking about is a massive data breach that was just discovered. A backup database belonging to the telemarketing company, HealthNow Networks, was found unsecured after being uploaded to the internet. The company provides equipment and medical supplies to patients with diabetes.

The personal information of nearly 1 million patients was left exposed online. Unprotected data included:

  • Patients’ names
  • Social Security numbers
  • Dates of birth
  • Physical addresses
  • Phone numbers
  • Email addresses
  • Health insurance information
  • Health condition information, such as medications and required equipment

The exposed database was used by HealthNow to market products to diabetic patients. As of 2015, the telemarketing company is no longer a registered business.

After the unsecured database was discovered, the software developer in charge of handling it deleted it; however, it’s unknown how long the data was exposed and how many cybercriminals were able to pull information from it.

Patients impacted by the breach had health insurance through Aetna, Cigna, Blue Cross Blue Shield and UnitedHealthcare.

The type of information exposed in this breach would be a goldmine to scammers. On top of the potential for identity theft, scammers could create phishing attacks based on patients’ needs, tricking them into clicking on maliciously targeted messages that could lead to a number of horrifying results.

Any time there’s a major breach like this, you need to be extra cautious with your online security. Here are some security suggestions:

What you need to do after a data breach

  • Investigate your email address  Have I Been Pwned? is an easy-to-use site with a database of information that hackers and malicious programs have released publicly. It monitors hacker sites and collects new data every five to 10 minutes about the latest hacks and exposures.
  • Change your password — Whenever you hear news of a data breach, it’s a good idea to change your account passwords. Read this article to help you create hack-proof passwords.
  • Close unused accountsHere’s an easy way to manage all of your online accounts at once.
  • Beware of phishing scams — Scammers will try and piggyback on huge breaches like this. They’ll create phishing emails, pretending to be the affected company, hoping to get victims to click on malicious links that could lead to more problems. Take our phishing IQ test to see if you can spot a fake email.
  • Manage passwords — Many people use the same username and password on multiple sites. This is a terrible practice. If you’re using the same credentials on multiple sites, change them to make them unique. If you have too many accounts to remember, use a password manager.
  • Keep an eye on your bank accounts — You should be frequently checking your bank statements for suspicious activity. If you see anything that seems strange, report it immediately.
  • Check email security settings — Make sure the email account associated with the hacked site has updated security settings.
  • Have strong security software — Protecting your gadgets with strong security software is important. It’s the best defense against digital threats.
cryptocurrency e-book hero

New eBook: ‘Cryptocurrency 101’

Don't want to lose your dough to crypto? Check out my new eBook, "Cryptocurrency 101." I walk you through buying, selling, mining and more!

Check it out