Bunch of new personal data leak incidents: police officers and hospital patients affected
11.08.2023

In this report we reveal details on the recent major data related incidents: exposure of hospital patients’ and police officers’ personal data.

Let's start with the news on the Northern Ireland police officers’ data leak incident.

The Police Service of Northern Ireland (PSNI) inadvertently exposed confidential information in response to a Freedom of Information (FOI) request .The leaked document is a spreadsheet containing:

  • Employees’ surnames and initials 
  • Employees’ ranks or grades
  • Location and department they work in.

The confidential data was posted online shortly after the PSNI shared it and removed a few hours later at the organizations’ request.

This is one of the largest data breach in the PSNI history. More than 10,000 employees were affected. Speaking to the media in Belfast on Tuesday, the Assistant Chief Constable Chris Todd apologized to officers for the 'unacceptable' breach.

The impact of the incident is difficult to assess at this stage, the PSNI administration says there are no immediate security concerns but they are monitoring the situation.

The second incident affected patients of one of the largest pediatric providers in the Chicago area. Lurie Children’s Hospital has stated that an unknown third party gained unauthorized access to the personal information of nearly 2,000 patients earlier this year.

The data leak is the result of a security breach at NextGen, a third-party company that provides software to the medical group. NextGen was alerted to unusual login and account activity related to its NextGen Office system on March 30 and April 14. 

In the press release, Lurie Children's Hospital officials stated that the personal information of patients exposed included:

  • Names
  • Dates of birth
  • Addresses
  • Social security numbers. 

The employees in charge  are investigating the incident and report  that measures for enhancing  the security of hospital systems have already been taken.

NextGen representatives notified affected individuals, and offered two years of free identity monitoring, fraud counselling and identity theft restoration services through Experian.

With each new information security incident, it becomes more and more clear, that no organization is immune to confidential information leaks, be it a police service, a children's hospital or any other industry. In today's world, it is essential to promptly prevent all types of incidents that can lead to confidential data leaks or cause reputational and financial loss.

 

Subscribe to get helpful articles and white papers. We discuss industry trends and give advice on how to deal with data leaks and cyberincidents.