{"id":306,"date":"2023-03-11T22:21:28","date_gmt":"2023-03-12T04:21:28","guid":{"rendered":"https:\/\/kentprotect.com\/?p=306"},"modified":"2023-03-11T23:05:40","modified_gmt":"2023-03-12T05:05:40","slug":"cerebral-breached-3-1-million-patients-and-users-healthcare-data-over-three-years-through-advertising","status":"publish","type":"post","link":"https:\/\/kentprotect.com\/index.php\/2023\/03\/11\/cerebral-breached-3-1-million-patients-and-users-healthcare-data-over-three-years-through-advertising\/","title":{"rendered":"Cerebral breached 3.1 million patients\u2019 and users\u2019 data over three years through advertising"},"content":{"rendered":"<div class='booster-block booster-read-block'><\/div>\n<p class=\"wp-block-paragraph\">(Cerebral, n.d.-a)<\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><strong>One-sentence summary: <\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Cerebral, through its tracking technologies, breached the potential PII and PHI of over 3.1 million registered users and patients since October 2019. <\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><strong>Who was involved?<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Cerebral, Inc. and 3,179,835 Cerebral patients and users (HHS, 2023). <\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><strong>What was the timeline?<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">October 12, 2019: Cerebral begins use of &#8220;Tracking Technologies&#8221; that breach patient&#8217;s PHI<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">January 3, 2023: Cerebral realized it has been breaching PHI for years with advertising. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">March 1, 2023: Cerebral begins notifying patients\/users and reports the breach to HHS. <\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><strong>What occurred?<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Cerebral integrated &#8220;Advertising Technologies&#8221; including tracking pixels and advertising technologies in use by &#8220;Google, Meta (Facebook), [and] TikTok&#8221; in October 2019 (Cerebral, n.d.-b, p. 1). As a result, 3.1 million patient&#8217;s PHI and registered user&#8217;s PII were breached by advertisers and third parties, with the following PII\/PHI: &#8220;name, phone number, email address, date of birth, IP address, Cerebral client ID number, and other demographic or information&#8221;, &#8220;the service the individual selected, assessment responses, and certain associated health information,&#8221; and &#8220;subscription plan type, appointment dates and other booking information, treatment, and other clinical information, health insurance\/ pharmacy benefit information (for example, plan name and group\/ member numbers), and insurance co-pay amount&#8221; (Cerebral, n.d.-b, p. 1)<\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><strong>Estimated costs:<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Potential breach notification costs, 12 months Experian IdentityWorks SM, M-F call center. <\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><strong>Involved laws: <\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Federal: HIPAA and HITECH. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">California: CCPA and Cal. Civ. Code \u00a7 1798.29(a)<\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><strong>Root cause: <\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Voluntary business practices and\/or misconfiguration: advertising technologies. <\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><strong>Lessons learned: <\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In-house and independent risk and GRC assessments on advertising practices. Thorough compliance audits and privacy assessments. Another paradigm: assessing risk with established data flows in the enterprise (advertising is an outbound data flow and, therefore, a potential privacy risk). Breaches continue to occur at major corporations due to misconfiguration and, therefore, necessitate the need for regular, rigorous auditing.<\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><strong>Sources: <\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Cerebral. (n.d.-a). <em>Cerebral_Logo.jpg<\/em>. PR Newswire. https:\/\/mma.prnewswire.com\/media\/1758736\/Cerebral_Logo.jpg?p=facebook<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Cerebral. (n.d.-b). Notice of HIPAA Privacy Breach. In <em>Cerebral<\/em>. Retrieved March 11, 2023, from https:\/\/cerebral.com\/static\/hippa_privacy_breach-4000c6eb21449c2ecd8bd13706750cc2.pdf<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">FINAL BREACH NOTIFICATION LETTER 3.1.2023.pdf. (2023). In <em>Submitted Breach Notification Sample<\/em>. State of California Department of Justice. Retrieved March 11, 2023, from https:\/\/oag.ca.gov\/system\/files\/FINAL%20BREACH%20NOTIFICATION%20LETTER%203.1.2023.pdf<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">HHS. (2023, March 1). <em>Breach Portal: Notice to the Secretary of HHS Breach of Unsecured Protected Health Information<\/em>. U.S. Department of Health &amp; Human Services &#8211; Office For Civil Rights. Retrieved March 11, 2023, from https:\/\/ocrportal.hhs.gov\/ocr\/breach\/breach_report.jsf<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"Cerebral breached 3.1 million patients\u2019 and users\u2019 data over three years through advertising\" width=\"640\" height=\"360\" src=\"https:\/\/www.youtube.com\/embed\/mf_5RlC_F58?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe>\n<\/div><figcaption class=\"wp-element-caption\">YouTube\/Blog Notification Post<\/figcaption><\/figure>\n","protected":false},"excerpt":{"rendered":"<p>(Cerebral, n.d.-a) One-sentence summary: Cerebral, through its tracking technologies, breached the potential PII and PHI of over 3.1<\/p>\n","protected":false},"author":4,"featured_media":307,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[308,306,68,302,3,12,85,114,294,13,76,63,274,75,61,11,10,77,74,300,305,304,14,201,312,311,309,69,71,241,45,296,295,43,44,72,70,287,8,27,301,310,314,313,280,124,297,307,303,67,62,15,298,299,315],"class_list":["post-306","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-breach-report","tag-ad-tracking","tag-advertising","tag-been-pwned","tag-betterhelp","tag-breach-report","tag-breaches","tag-california","tag-ccpa","tag-cerebral","tag-ciso","tag-cloud","tag-computer-security","tag-computers","tag-cyber-security","tag-cybercrime","tag-cybersecurity","tag-dallas","tag-dark-web","tag-data-breach","tag-delaware","tag-ehr","tag-emr","tag-executive","tag-exfiltration","tag-faang","tag-facebook","tag-google","tag-have-been-pwned","tag-have-i-pwned","tag-haveibeenpwned","tag-healthcare","tag-healthcare-breaches","tag-healthcareit","tag-hipaa","tag-hitech","tag-i-been-pwned","tag-i-have-been-pwned","tag-isp","tag-kent-protect","tag-kentprotect","tag-mentalhealth","tag-meta","tag-millions","tag-misconfiguration","tag-pacific","tag-phi","tag-pii","tag-pixels","tag-psychology","tag-pwned","tag-security","tag-summary","tag-walnut","tag-walnutca","tag-westcoast"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v28.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Cerebral breached 3.1 million patients\u2019 and users\u2019 data over three years through advertising - Kent Protect<\/title>\n<meta name=\"description\" content=\"Cerebral, through its Tracking Technologies, breached the potential PII and PHI of over 3.1 million registered users and patients since October 2019.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/kentprotect.com\/index.php\/2023\/03\/11\/cerebral-breached-3-1-million-patients-and-users-healthcare-data-over-three-years-through-advertising\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Cerebral breached 3.1 million patients\u2019 and users\u2019 data over three years through advertising - Kent Protect\" \/>\n<meta property=\"og:description\" content=\"Cerebral, through its Tracking Technologies, breached the potential PII and PHI of over 3.1 million registered users and patients since October 2019.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kentprotect.com\/index.php\/2023\/03\/11\/cerebral-breached-3-1-million-patients-and-users-healthcare-data-over-three-years-through-advertising\/\" \/>\n<meta property=\"og:site_name\" content=\"Kent Protect\" \/>\n<meta property=\"article:published_time\" content=\"2023-03-12T04:21:28+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-03-12T05:05:40+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/03\/Cerebral_Logo.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"635\" \/>\n\t<meta property=\"og:image:height\" content=\"335\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Kyler Kent CISSP\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Kyler Kent CISSP\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/03\\\/11\\\/cerebral-breached-3-1-million-patients-and-users-healthcare-data-over-three-years-through-advertising\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/03\\\/11\\\/cerebral-breached-3-1-million-patients-and-users-healthcare-data-over-three-years-through-advertising\\\/\"},\"author\":{\"name\":\"Kyler Kent CISSP\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/#\\\/schema\\\/person\\\/f9b4d76bd2f5b5559a08ad2e004a1116\"},\"headline\":\"Cerebral breached 3.1 million patients\u2019 and users\u2019 data over three years through advertising\",\"datePublished\":\"2023-03-12T04:21:28+00:00\",\"dateModified\":\"2023-03-12T05:05:40+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/03\\\/11\\\/cerebral-breached-3-1-million-patients-and-users-healthcare-data-over-three-years-through-advertising\\\/\"},\"wordCount\":433,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/03\\\/11\\\/cerebral-breached-3-1-million-patients-and-users-healthcare-data-over-three-years-through-advertising\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/kentprotect.com\\\/wp-content\\\/uploads\\\/2023\\\/03\\\/Cerebral_Logo.jpg\",\"keywords\":[\"ad tracking\",\"advertising\",\"been pwned\",\"betterhelp\",\"breach report\",\"breaches\",\"california\",\"CCPA\",\"Cerebral\",\"ciso\",\"cloud\",\"computer security\",\"computers\",\"cyber security\",\"cybercrime\",\"cybersecurity\",\"dallas\",\"dark web\",\"data breach\",\"delaware\",\"EHR\",\"EMR\",\"executive\",\"exfiltration\",\"FAANG\",\"Facebook\",\"Google\",\"have been pwned\",\"have I pwned\",\"haveibeenpwned\",\"healthcare\",\"healthcare breaches\",\"healthcareIT\",\"HIPAA\",\"HITECH\",\"I been pwned\",\"I have been pwned\",\"ISP\",\"kent protect\",\"kentprotect\",\"mentalhealth\",\"Meta\",\"millions\",\"misconfiguration\",\"pacific\",\"PHI\",\"PII\",\"pixels\",\"psychology\",\"pwned\",\"security\",\"summary\",\"walnut\",\"walnutca\",\"westcoast\"],\"articleSection\":[\"The Breach Report!\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/03\\\/11\\\/cerebral-breached-3-1-million-patients-and-users-healthcare-data-over-three-years-through-advertising\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/03\\\/11\\\/cerebral-breached-3-1-million-patients-and-users-healthcare-data-over-three-years-through-advertising\\\/\",\"url\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/03\\\/11\\\/cerebral-breached-3-1-million-patients-and-users-healthcare-data-over-three-years-through-advertising\\\/\",\"name\":\"Cerebral breached 3.1 million patients\u2019 and users\u2019 data over three years through advertising - Kent Protect\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/03\\\/11\\\/cerebral-breached-3-1-million-patients-and-users-healthcare-data-over-three-years-through-advertising\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/03\\\/11\\\/cerebral-breached-3-1-million-patients-and-users-healthcare-data-over-three-years-through-advertising\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/kentprotect.com\\\/wp-content\\\/uploads\\\/2023\\\/03\\\/Cerebral_Logo.jpg\",\"datePublished\":\"2023-03-12T04:21:28+00:00\",\"dateModified\":\"2023-03-12T05:05:40+00:00\",\"description\":\"Cerebral, through its Tracking Technologies, breached the potential PII and PHI of over 3.1 million registered users and patients since October 2019.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/03\\\/11\\\/cerebral-breached-3-1-million-patients-and-users-healthcare-data-over-three-years-through-advertising\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/03\\\/11\\\/cerebral-breached-3-1-million-patients-and-users-healthcare-data-over-three-years-through-advertising\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/03\\\/11\\\/cerebral-breached-3-1-million-patients-and-users-healthcare-data-over-three-years-through-advertising\\\/#primaryimage\",\"url\":\"https:\\\/\\\/kentprotect.com\\\/wp-content\\\/uploads\\\/2023\\\/03\\\/Cerebral_Logo.jpg\",\"contentUrl\":\"https:\\\/\\\/kentprotect.com\\\/wp-content\\\/uploads\\\/2023\\\/03\\\/Cerebral_Logo.jpg\",\"width\":635,\"height\":335,\"caption\":\"Cerebral Logo\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/03\\\/11\\\/cerebral-breached-3-1-million-patients-and-users-healthcare-data-over-three-years-through-advertising\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/kentprotect.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cerebral breached 3.1 million patients\u2019 and users\u2019 data over three years through advertising\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/#website\",\"url\":\"https:\\\/\\\/kentprotect.com\\\/\",\"name\":\"Kent Protect\",\"description\":\"Starring the Breach Report! and other security and cybersecurity series\",\"publisher\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/kentprotect.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/#organization\",\"name\":\"Kent Protect\",\"url\":\"https:\\\/\\\/kentprotect.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/kentprotect.com\\\/wp-content\\\/uploads\\\/2023\\\/04\\\/cropped-FullLogo_Transparent-1-with-KP-Smaller.png\",\"contentUrl\":\"https:\\\/\\\/kentprotect.com\\\/wp-content\\\/uploads\\\/2023\\\/04\\\/cropped-FullLogo_Transparent-1-with-KP-Smaller.png\",\"width\":209,\"height\":161,\"caption\":\"Kent Protect\"},\"image\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/#\\\/schema\\\/person\\\/f9b4d76bd2f5b5559a08ad2e004a1116\",\"name\":\"Kyler Kent CISSP\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/wp-content\\\/uploads\\\/2023\\\/03\\\/Retry-3-150x150.jpg\",\"url\":\"https:\\\/\\\/kentprotect.com\\\/wp-content\\\/uploads\\\/2023\\\/03\\\/Retry-3-150x150.jpg\",\"contentUrl\":\"https:\\\/\\\/kentprotect.com\\\/wp-content\\\/uploads\\\/2023\\\/03\\\/Retry-3-150x150.jpg\",\"caption\":\"Kyler Kent CISSP\"},\"description\":\"Kyler Kent is a Senior Cybersecurity Analyst on CrowdStrike\u2019s Falcon Complete MDR team, where he helps large enterprises detect, investigate, and contain real intrusions across cloud and hybrid environments. His work spans threat hunting, incident response, and security automation\u2014turning noisy telemetry into clear, repeatable actions that reduce risk quickly. Previously, Kyler served as a Threat Hunting and Intelligence Specialist supporting a critical infrastructure provider in Dallas, and led security automation and operational coordination at CyberConvoy. He holds a Master\u2019s in Cybersecurity Risk Management from Georgetown University and maintains certifications including CISSP, AWS Solutions Architect \u2013 Professional, AWS Security \u2013 Specialty, and multiple CrowdStrike credentials. He writes to close the gap between \u201cwhat the textbook says\u201d and what analysts actually do on shift with his published book: \\\"SOC Analyst Career Guide\\\" (ISBN-13: 9781835467466). https:\\\/\\\/linktr.ee\\\/kentprotect.com Corrections: corrections@kentprotect.com\",\"sameAs\":[\"http:\\\/\\\/kylerkent.com\"],\"url\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/author\\\/kylerkent\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Cerebral breached 3.1 million patients\u2019 and users\u2019 data over three years through advertising - Kent Protect","description":"Cerebral, through its Tracking Technologies, breached the potential PII and PHI of over 3.1 million registered users and patients since October 2019.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/kentprotect.com\/index.php\/2023\/03\/11\/cerebral-breached-3-1-million-patients-and-users-healthcare-data-over-three-years-through-advertising\/","og_locale":"en_US","og_type":"article","og_title":"Cerebral breached 3.1 million patients\u2019 and users\u2019 data over three years through advertising - Kent Protect","og_description":"Cerebral, through its Tracking Technologies, breached the potential PII and PHI of over 3.1 million registered users and patients since October 2019.","og_url":"https:\/\/kentprotect.com\/index.php\/2023\/03\/11\/cerebral-breached-3-1-million-patients-and-users-healthcare-data-over-three-years-through-advertising\/","og_site_name":"Kent Protect","article_published_time":"2023-03-12T04:21:28+00:00","article_modified_time":"2023-03-12T05:05:40+00:00","og_image":[{"width":635,"height":335,"url":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/03\/Cerebral_Logo.jpg","type":"image\/jpeg"}],"author":"Kyler Kent CISSP","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Kyler Kent CISSP","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/kentprotect.com\/index.php\/2023\/03\/11\/cerebral-breached-3-1-million-patients-and-users-healthcare-data-over-three-years-through-advertising\/#article","isPartOf":{"@id":"https:\/\/kentprotect.com\/index.php\/2023\/03\/11\/cerebral-breached-3-1-million-patients-and-users-healthcare-data-over-three-years-through-advertising\/"},"author":{"name":"Kyler Kent CISSP","@id":"https:\/\/kentprotect.com\/#\/schema\/person\/f9b4d76bd2f5b5559a08ad2e004a1116"},"headline":"Cerebral breached 3.1 million patients\u2019 and users\u2019 data over three years through advertising","datePublished":"2023-03-12T04:21:28+00:00","dateModified":"2023-03-12T05:05:40+00:00","mainEntityOfPage":{"@id":"https:\/\/kentprotect.com\/index.php\/2023\/03\/11\/cerebral-breached-3-1-million-patients-and-users-healthcare-data-over-three-years-through-advertising\/"},"wordCount":433,"commentCount":0,"publisher":{"@id":"https:\/\/kentprotect.com\/#organization"},"image":{"@id":"https:\/\/kentprotect.com\/index.php\/2023\/03\/11\/cerebral-breached-3-1-million-patients-and-users-healthcare-data-over-three-years-through-advertising\/#primaryimage"},"thumbnailUrl":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/03\/Cerebral_Logo.jpg","keywords":["ad tracking","advertising","been pwned","betterhelp","breach report","breaches","california","CCPA","Cerebral","ciso","cloud","computer security","computers","cyber security","cybercrime","cybersecurity","dallas","dark web","data breach","delaware","EHR","EMR","executive","exfiltration","FAANG","Facebook","Google","have been pwned","have I pwned","haveibeenpwned","healthcare","healthcare breaches","healthcareIT","HIPAA","HITECH","I been pwned","I have been pwned","ISP","kent protect","kentprotect","mentalhealth","Meta","millions","misconfiguration","pacific","PHI","PII","pixels","psychology","pwned","security","summary","walnut","walnutca","westcoast"],"articleSection":["The Breach Report!"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/kentprotect.com\/index.php\/2023\/03\/11\/cerebral-breached-3-1-million-patients-and-users-healthcare-data-over-three-years-through-advertising\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/kentprotect.com\/index.php\/2023\/03\/11\/cerebral-breached-3-1-million-patients-and-users-healthcare-data-over-three-years-through-advertising\/","url":"https:\/\/kentprotect.com\/index.php\/2023\/03\/11\/cerebral-breached-3-1-million-patients-and-users-healthcare-data-over-three-years-through-advertising\/","name":"Cerebral breached 3.1 million patients\u2019 and users\u2019 data over three years through advertising - Kent Protect","isPartOf":{"@id":"https:\/\/kentprotect.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/kentprotect.com\/index.php\/2023\/03\/11\/cerebral-breached-3-1-million-patients-and-users-healthcare-data-over-three-years-through-advertising\/#primaryimage"},"image":{"@id":"https:\/\/kentprotect.com\/index.php\/2023\/03\/11\/cerebral-breached-3-1-million-patients-and-users-healthcare-data-over-three-years-through-advertising\/#primaryimage"},"thumbnailUrl":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/03\/Cerebral_Logo.jpg","datePublished":"2023-03-12T04:21:28+00:00","dateModified":"2023-03-12T05:05:40+00:00","description":"Cerebral, through its Tracking Technologies, breached the potential PII and PHI of over 3.1 million registered users and patients since October 2019.","breadcrumb":{"@id":"https:\/\/kentprotect.com\/index.php\/2023\/03\/11\/cerebral-breached-3-1-million-patients-and-users-healthcare-data-over-three-years-through-advertising\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/kentprotect.com\/index.php\/2023\/03\/11\/cerebral-breached-3-1-million-patients-and-users-healthcare-data-over-three-years-through-advertising\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kentprotect.com\/index.php\/2023\/03\/11\/cerebral-breached-3-1-million-patients-and-users-healthcare-data-over-three-years-through-advertising\/#primaryimage","url":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/03\/Cerebral_Logo.jpg","contentUrl":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/03\/Cerebral_Logo.jpg","width":635,"height":335,"caption":"Cerebral Logo"},{"@type":"BreadcrumbList","@id":"https:\/\/kentprotect.com\/index.php\/2023\/03\/11\/cerebral-breached-3-1-million-patients-and-users-healthcare-data-over-three-years-through-advertising\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/kentprotect.com\/"},{"@type":"ListItem","position":2,"name":"Cerebral breached 3.1 million patients\u2019 and users\u2019 data over three years through advertising"}]},{"@type":"WebSite","@id":"https:\/\/kentprotect.com\/#website","url":"https:\/\/kentprotect.com\/","name":"Kent Protect","description":"Starring the Breach Report! and other security and cybersecurity series","publisher":{"@id":"https:\/\/kentprotect.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/kentprotect.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/kentprotect.com\/#organization","name":"Kent Protect","url":"https:\/\/kentprotect.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kentprotect.com\/#\/schema\/logo\/image\/","url":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/04\/cropped-FullLogo_Transparent-1-with-KP-Smaller.png","contentUrl":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/04\/cropped-FullLogo_Transparent-1-with-KP-Smaller.png","width":209,"height":161,"caption":"Kent Protect"},"image":{"@id":"https:\/\/kentprotect.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/kentprotect.com\/#\/schema\/person\/f9b4d76bd2f5b5559a08ad2e004a1116","name":"Kyler Kent CISSP","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/03\/Retry-3-150x150.jpg","url":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/03\/Retry-3-150x150.jpg","contentUrl":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/03\/Retry-3-150x150.jpg","caption":"Kyler Kent CISSP"},"description":"Kyler Kent is a Senior Cybersecurity Analyst on CrowdStrike\u2019s Falcon Complete MDR team, where he helps large enterprises detect, investigate, and contain real intrusions across cloud and hybrid environments. His work spans threat hunting, incident response, and security automation\u2014turning noisy telemetry into clear, repeatable actions that reduce risk quickly. Previously, Kyler served as a Threat Hunting and Intelligence Specialist supporting a critical infrastructure provider in Dallas, and led security automation and operational coordination at CyberConvoy. He holds a Master\u2019s in Cybersecurity Risk Management from Georgetown University and maintains certifications including CISSP, AWS Solutions Architect \u2013 Professional, AWS Security \u2013 Specialty, and multiple CrowdStrike credentials. He writes to close the gap between \u201cwhat the textbook says\u201d and what analysts actually do on shift with his published book: \"SOC Analyst Career Guide\" (ISBN-13: 9781835467466). https:\/\/linktr.ee\/kentprotect.com Corrections: corrections@kentprotect.com","sameAs":["http:\/\/kylerkent.com"],"url":"https:\/\/kentprotect.com\/index.php\/author\/kylerkent\/"}]}},"_links":{"self":[{"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/posts\/306","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/comments?post=306"}],"version-history":[{"count":6,"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/posts\/306\/revisions"}],"predecessor-version":[{"id":315,"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/posts\/306\/revisions\/315"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/media\/307"}],"wp:attachment":[{"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/media?parent=306"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/categories?post=306"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/tags?post=306"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}