More than 20,000 sensitive medical records exposed

Cybersecurity researcher Jeremiah Fowler has identified a non-password-protected database containing records belonging to Atrium Health, a network of clinics, hospitals and specialty centers. The database held 21,344 medical records with personally identifiable information (PII) and other patient information, such as:
- Patient medical history
- Family medical history
- Patient vital statistics
- Medications administered
- Anesthesia summary
- Emergency contacts
- Diagnoses
- Case summary and case tracking details
- Medical staff names
- Notes and summaries by medical staff
- Insurance coverage details
It is unknown whether the database in question was directly managed by Atrium Health or by a third-party contractor. It is also unknown whether anyone else accessed the exposed database or how long it was exposed.
If this sensitive data had been accessed by a malicious actor, it could leave affected individuals vulnerable to identity theft and insurance fraud. Furthermore, the data could be leveraged in social engineering campaigns, allowing malicious actors to obtain more personal or financial information.
In December 2024, the organization discovered a breach affecting approximately 600,000 patients due to its patient portal having online tracking tools embedded in it. This disclosure followed another from earlier in 2024, in which the organization disclosed a phishing attack that compromised 32,000 patients’ health information.