U.S. healthcare company Novant Health has announced a data breach impacting 1,362,296 patients whose private information was accidentally gathered by the Meta Pixel ad tracking script. Facebook advertisers can install the JavaScript monitoring script Meta Pixel (formerly known as Facebook Pixel) to their website to track the performance of their advertising. Unauthorized patient data access and disclosure started in May 2020, when Novant launched Facebook ad-based marketing campaigns to promote the COVID-19 vaccine. The healthcare company placed the Meta Pixel code on their website to track these advertisements and evaluate their performance. The ‘MyChart’ portal and the Novant Health website’s Meta pixel were incorrectly configured, transmitting privacy information to Meta and its advertising partners. The data that might have been disclosed by Meta Pixel includes email, phone numbers, IP addresses, emergency contacts information, appointment types, dates, selected physicians, portal menu selections, and any content typed into the “free text” boxes.
12 Essentials for a Successful SOC Partnership
As cyber threats continue to impact businesses of all sizes, the need for round-the-clock security