Novant Health breach expose data of 1.3 million patients

The U.S. healthcare provider Novant Health has confirmed a data breach in which information from 1,362,296 people leaked.

The incident was caused by a misconfigured Meta pixel on the Novant Health website and the ‘MyChart’ portal, which transmitted privacy information to Meta and its advertising partners.

The incident began in May 2020, when Novant ran advertising campaigns for COVID-19 vaccinations that included Facebook ads.

Information disclosed during the breach include email address, phone number, IP address, emergency contact data, appointment type and date, selected physician, portal menu selections, and any content entered in the “free text” boxes.

“Immediately upon becoming aware that the pixel had the capability to transmit unintended information to Meta, Novant Health disabled and removed the pixel as a precaution and began an investigation to learn whether and to what extent information was transmitted. We reached out to Meta Facebook several times and through different channels, but never got a response,” Novant Health stated in an advisory.

The sources for this piece include an article in BleepingComputer.

IT World Canada Staff
IT World Canada Staff
The online resource for Canadian Information Technology professionals.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web