This original post was made on 23 August 2022
Update 21 October 2022
There has been another “mis-configuration story this week – Microsoft exposed thousands of client records when they mis-configured a server.
Following a report in the summer of patient information leaking from a health care company because of a mistake in setting up a tracking system, another US health care provider, Advocate Aurora Health, in a bid to understand their patients better has exposed those same patients to a data breach.
Three million patients is a potentially huge amount of personal information leaking out because, someone promised a golden egg to administrators and then failed to follow-up with the required technical expertise.
I will quote Andrea Peterson’s article here, “Advocate Aurora Health said it believes “no social security number, financial account, credit card, or debit card information” were compromised.”. Not much reassurance for the patients of a company that has already admitted a serious lack of knowledge when using tracking software.
Are you using track pixels? Has your marketing company or web company configured them correctly? Is their server and personnel cyber security steps up to the job?
What do I mean by personnel cybersecurity? Do they use in house, verified staff or gig economy sub-contractors from around the world?
These are all good questions to ask, when you put your reputation and cyber security into the hands of a third party.
Clive Catton MSc (Cyber Security) – by-line and other articles
Original post
Here is a real world example of mis-configuration exposing personal information of over a million people.
Misconfigured Meta Pixel exposed healthcare data of 1.3M patients – Bleeping Computers
My best advice is get help and advice when setting up sensitive systems – don‘t Google it!
Please Note:
I am on leave so the news this week is “in brief”. You can still contact me via the contact page and Octagon Technology.