Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Breaches

480,000 Catholic Health Patients Impacted by Serviceaide Data Leak

Serviceaide exposed a database containing personal and medical information belonging to Catholic Health patients.

Enterprise management solutions provider Serviceaide has informed the Department of Health and Human Services (HHS) that a data leak impacts the personal and medical information of nearly half a million Catholic Health patients.

California-based Serviceaide, whose solutions are used by organizations worldwide, discovered in November 2024 that an Elasticsearch database maintained for one of its customers, Buffalo, New York-based non-profit healthcare system Catholic Health, had been inadvertently made publicly available. 

An investigation showed that the database had been exposed between September 19 and November 5, 2024. 

While Serviceaide did not find any evidence that the information was exfiltrated, the company said it cannot definitively rule it out. 

According to a data breach notice posted on the Serviceaide website, the exposed information varies for each individual, but it can include name, SSN, date of birth, medical record number, patient account number, medical information, health insurance information, prescription and treatment information, clinical information, healthcare provider details, email or username, and password. 

Impacted individuals are being notified and offered 12 months of free credit monitoring and identity theft protection services. 

Advertisement. Scroll to continue reading.

Serviceaide informed the HHS, according to the government organization’s incident tracker, that just over 483,000 individuals are impacted by the data breach. 

It’s not uncommon for healthcare data breaches to impact hundreds of thousands of individuals, and some incidents affect millions and even tens of millions. 

Related: 200,000 Harbin Clinic Patients Impacted by NRS Data Breach

Related: 437,000 Impacted by Ascension Health Data Breach

Related: Kelly Benefits Data Breach Impact Grows to 400,000 Individuals

Written By

Eduard Kovacs (@EduardKovacs) is senior managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

People on the Move

Tracey Mustacchio has joined Everfox as Chief Marketing Officer.

Mark Carter has been appointed Chief Information Security Officer at Socure.

Spektrum Labs has named Mark Cravotta Chief Operating Officer.

More People On The Move

Expert Insights

Four decades of incident response experience suggest that exploits are often the symptom, not the root cause, of today’s cybersecurity failures.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.