A huge data breach has exposed the private information of almost a million Americans. The leak involved ConnectOnCall, a patient-doctor communication app owned by Phreesia, a health tech company.
What Happened?
According to the U.S. Department of Health and Human Services, the breach affected 914,138 users. The company says hackers accessed the app between February 16th and May 12th, 2024. Stolen data included names, phone numbers, birthdates, medical conditions, treatments, medications, and even Social Security numbers. ConnectOnCall has taken its app offline to fix the security issues and is gradually bringing it back online in a more secure way.
What Information Was Compromised?
The breach exposed extremely sensitive information shared between doctors and patients during consultations. This included:
- Full names
- Phone numbers
- Birthdates
- Medical conditions and treatments
- Medication details
- Social Security numbers
What’s Next?
ConnectOnCall has already sent letters to affected users, offering free credit and identity monitoring services. They’re urging users to watch out for any suspicious activity and report anything that looks like identity theft or healthcare fraud immediately. The company recommends being vigilant and reporting any suspicious activity.
