Contributors
Jeremiah Grossman
(WhiteHat Security)

Ofer Shezaf
(Breach Security ) [Project Leader]

The Web Hacking Incidents Database
Last update:07 November 2007

Incident WHID 2007-07

WHID 2007-07: Westerly Hospital data breach affects 2,000
Date: 02 March 2007
Incident Type: Security Breach
WASC Threat Classification: Misconfiguration

Personal information about 2,000 patients was mistakenly published on the hospital's web site. The leakage was discovered only when a patient found her information when "Googling" herself.

The information included personal data such as social security numbers, birth dates, address, phone number, insurance numbers and in some cases the reason for the visit.

References:



This work is licensed under the Creative Commons Attribution License. To view a copy of this license, visit http://creativecommons.org/licenses/by/2.5/ or send a letter to Creative Commons, 559 Nathan Abbott Way, Stanford, California 94305, USA.
© Copyright 2005, Web Application Security Consortium. All rights reserved.