On May 9, 2025, Serviceaide, Inc. reported a security incident involving the inadvertent public exposure of certain patient information from its Elasticsearch database related to Catholic Health. The exposure occurred between September 19, 2024, and November 5, 2024, potentially affecting various personal health information, including names and Social Security numbers, although no evidence of actual misuse was identified.
Source: https://ago.vermont.gov/document/2025-05-09-serviceaide-data-breach-notice-consumers
TPRM report: https://www.rankiteo.com/company/serviceaideinc
"id": "ser523080425",
"linkid": "serviceaideinc",
"type": "Breach",
"date": "9/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Healthcare',
'name': 'Catholic Health',
'type': 'Healthcare Provider'}],
'attack_vector': 'Inadvertent Public Exposure',
'data_breach': {'personally_identifiable_information': ['Names',
'Social Security '
'numbers'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personal Health Information']},
'date_detected': '2025-05-09',
'date_publicly_disclosed': '2025-05-09',
'description': 'Inadvertent public exposure of patient information from an '
'Elasticsearch database related to Catholic Health.',
'impact': {'data_compromised': ['Names', 'Social Security numbers'],
'systems_affected': ['Elasticsearch Database']},
'title': 'Serviceaide, Inc. Data Exposure Incident',
'type': 'Data Exposure',
'vulnerability_exploited': 'Misconfigured Elasticsearch Database'}