John Muir Health is a network of hospitals and medical services that work together to treat patients with a variety of conditions. These facilities are based around Walnut Creek, California, and serve thousands of patients annually. The facility recently suffered from a data breach that may have released medical data for some patients staying at one of the facilities in the network.
The JMH data breach occurred because an employee created a website linking to patient data on an Excel spreadsheet. The site made it possible for external users to access the data, and there is a possibility that third parties accessed the data after the site was put up. It was later taken down to resolve this issue, but that was after being up for an extended period.
The John Muir Health data breach was first an issue on July 1, 2021, and the information provided remained accessible until September 27, 2022. After that point, no third-party users accessed the site, and it was later taken down. All these details were confirmed by a third-party security firm, and no Social Security numbers or financial data were ever accessible through the website.
This JMH data breach impacts patients that stayed at the John Muir Health Center during the time period listed above. If you were a patient at the center at that time, there is a good chance that your information was accessible to third parties.
As far as we know, the JMH breach only made a single Excel file available to the outside world. The spreadsheet contained a large amount of data about many patients, but no financial or Social Security data was accessible via this spreadsheet. If you were impacted by the breach, you are unlikely to experience any issues because of it, but you should be aware that some of your medical information was made accessible.