A misconfigured database at Serviceaide exposed sensitive health and personal information of approximately 500,000 patients linked to Catholic Health, a non-profit healthcare system based in New York. The data leak occurred between September 19 and November 5, 2024, and was discovered on November 15, 2024. The exposed data included full names, dates of birth, prescription data, Social Security numbers, health insurance details, healthcare provider information, treatment and clinical information, medical record and account numbers, email addresses, usernames, and passwords. Although there’s no confirmed evidence that the data was downloaded or misused, the company admitted it cannot rule out that possibility.
Source: https://hackread.com/serviceaide-leak-catholic-health-patients-records/
TPRM report: https://scoringcyber.rankiteo.com/company/serviceaideinc
"id": "ser854052025",
"linkid": "serviceaideinc",
"type": "Breach",
"date": "5/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"