{"id":570,"date":"2023-04-18T06:27:10","date_gmt":"2023-04-18T11:27:10","guid":{"rendered":"https:\/\/kentprotect.com\/?p=570"},"modified":"2023-04-20T22:32:05","modified_gmt":"2023-04-21T03:32:05","slug":"breach-report-alcohol-recovery-startup-monument-breaches-health-records-for-over-108000-individuals-over-3-years-via-advertising-pixels","status":"publish","type":"post","link":"https:\/\/kentprotect.com\/index.php\/2023\/04\/18\/breach-report-alcohol-recovery-startup-monument-breaches-health-records-for-over-108000-individuals-over-3-years-via-advertising-pixels\/","title":{"rendered":"Breach Report: Alcohol recovery startup Monument breaches health records for over 108,000 individuals over 3 years via advertising pixels"},"content":{"rendered":"<div class='booster-block booster-read-block'><\/div>\n<p class=\"wp-block-paragraph\">*<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">(image source: Monument (Verywellmind), n.d.)<\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><strong>One-sentence summary: <\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Monument, an NYC-based alcohol recovery startup, potentially breached the protected health information of over 108,000 individuals over 3 years (and an additional 3 years retroactively via Tempest) via advertising pixels. <\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><strong>Who was involved?<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Monument, Inc., its subsidiary Tempest, and 108,584 individuals. <\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><strong>What was the timeline?<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">November 2017: Breach starts with Tempest members<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">January 2020: Breach starts with Monument members<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">December 1, 2022: HHS publishes a privacy guidance bulletin regarding advertising, including advertising pixels (HHS, 2022). Monument claims to receive notice around this time and begins an internal investigation as well as the cessation of such advertising methods. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">February 6, 2023: Monument determines it has breached PHI via advertising<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">February 23, 2023: Monument confirms it has removed all offending advertising services from service. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">March 31, 2023: Monument reports the breach to HHS and presumably begins public notification<\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><strong>What occurred?<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Monument, an alcohol recovery startup, used advertising pixels along with its subsidiary (Tempest) since 2020 and 2017, respectively, unknowingly breaching the protected health information of over 108,584 individuals, which may have included: &#8220;name, date of birth, email address, telephone number, address, Monument ID, insurance member ID, IP address, unique digital ID, Uniform Resource Locator (URL), photograph, selected services or plan, assessment or survey responses, appointment-related information, and associated health information&#8221; (Monument, 2023; HHS, 2023). Monument claims to have received warning from HHS&#8217;s bulletin back in December 2022 covering advertising pixels, thus initiating their investigation (Monument, 2023; HHS, 2022). <\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><strong>Estimated costs:<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Associated incident response costs, breach notification costs, potential identity monitoring services, M-F call center<\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><strong>Involved laws: <\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Federal: HIPAA and HITECH <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">California: CCPA and Cal. Civ. Code \u00a7 1798.29(a)<\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><strong>Root cause: <\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Voluntary business practices and\/or misconfiguration: advertising technologies.<\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><strong>Lessons learned: <\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Theoretically, in-house and independent risk and GRC assessments on advertising practices may allow an organization to preemptively respond to or prevent breaches, even before specific regulatory clarification occurs (e.g., HHS guidance publications). Thorough compliance audits and privacy assessments. Another paradigm: assessing risk with established data flows in the enterprise (advertising is an outbound data flow and, therefore, a potential privacy risk). Breaches continue to occur at major corporations due to voluntary misconfiguration and, therefore, necessitate the need for regular, rigorous auditing.<\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><strong>Sources: <\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">HHS. (2022). Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates. In <em>U.S. Department of Health &amp; Human Services<\/em>. Office for Civil Rights (OCR). Retrieved April 18, 2023, from https:\/\/www.hhs.gov\/hipaa\/for-professionals\/privacy\/guidance\/hipaa-online-tracking\/index.html<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">HHS. (2023). Cases Currently Under Investigation. In <em>Breach Portal: Notice to the Secretary of HHS Breach of Unsecured Protected Health Information<\/em>. U.S. Department of Health and Human Services Office for Civil Rights. Retrieved April 18, 2023, from https:\/\/ocrportal.hhs.gov\/ocr\/breach\/breach_report.jsf<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Monument. (2023). Monument &#8211; Sample Notification Letter 4888-3653-0266 v.2.pdf. In <em>Submitted Breach Notification Sample<\/em> (AI4831 v.01). Rob Bonta California Attorney General. Retrieved April 18, 2023, from https:\/\/oag.ca.gov\/ecrime\/databreach\/reports\/sb24-564977<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Monument (Verywellmind). (n.d.). <em>Monument-Recirc-aa8c55b799424c8193f9bbc8b5e4a57c.jpg<\/em>. Verywellmind. https:\/\/www.verywellmind.com\/thmb\/wysdvUsebhoseRDDmYBgEkYFsD0=\/1500&#215;0\/filters:no_upscale():max_bytes(150000):strip_icc()\/Monument-Recirc-aa8c55b799424c8193f9bbc8b5e4a57c.jpg<\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><strong>Commentary: <\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">This breach report mimics <a href=\"https:\/\/kentprotect.com\/index.php\/2023\/03\/11\/cerebral-breached-3-1-million-patients-and-users-healthcare-data-over-three-years-through-advertising\/\" target=\"_blank\" rel=\"noreferrer noopener\">another healthcare startup breach previously covered, Cerebral<\/a>, and may foreshadow an increasing number of healthcare breach reports due to more specific HHS guidance.<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-4-3 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"Breach Report: Alcohol recovery startup Monument breaches health records for over 108,000\" width=\"640\" height=\"480\" src=\"https:\/\/www.youtube.com\/embed\/xb_XB278VDU?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe>\n<\/div><figcaption class=\"wp-element-caption\">YouTube\/Blog Notification Post<\/figcaption><\/figure>\n","protected":false},"excerpt":{"rendered":"<p>* (image source: Monument (Verywellmind), n.d.) One-sentence summary: Monument, an NYC-based alcohol recovery startup, potentially breached the protected<\/p>\n","protected":false},"author":4,"featured_media":571,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[516,306,513,68,480,3,12,13,76,63,274,75,61,11,10,77,74,14,311,69,71,241,503,43,44,72,70,129,210,8,27,310,518,307,67,514,517,15,81,515],"class_list":["post-570","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-breach-report","tag-addiction","tag-advertising","tag-alcohol","tag-been-pwned","tag-breach","tag-breach-report","tag-breaches","tag-ciso","tag-cloud","tag-computer-security","tag-computers","tag-cyber-security","tag-cybercrime","tag-cybersecurity","tag-dallas","tag-dark-web","tag-data-breach","tag-executive","tag-facebook","tag-have-been-pwned","tag-have-i-pwned","tag-haveibeenpwned","tag-hhs","tag-hipaa","tag-hitech","tag-i-been-pwned","tag-i-have-been-pwned","tag-k-12","tag-k12","tag-kent-protect","tag-kentprotect","tag-meta","tag-newyork","tag-pixels","tag-pwned","tag-recovery","tag-startup-nyc","tag-summary","tag-texas","tag-treatment"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v28.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Breach Report: Alcohol recovery startup Monument breaches health records for over 108,000 individuals over 3 years via advertising pixels - Kent Protect<\/title>\n<meta name=\"description\" content=\"Monument, an NYC-based alcohol recovery startup, potentially breached the protected health information of over 108,000 individuals over 3 years (and an additional 3 years retroactively via Tempest) via advertising pixels.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/kentprotect.com\/index.php\/2023\/04\/18\/breach-report-alcohol-recovery-startup-monument-breaches-health-records-for-over-108000-individuals-over-3-years-via-advertising-pixels\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Breach Report: Alcohol recovery startup Monument breaches health records for over 108,000 individuals over 3 years via advertising pixels - Kent Protect\" \/>\n<meta property=\"og:description\" content=\"Monument, an NYC-based alcohol recovery startup, potentially breached the protected health information of over 108,000 individuals over 3 years (and an additional 3 years retroactively via Tempest) via advertising pixels.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kentprotect.com\/index.php\/2023\/04\/18\/breach-report-alcohol-recovery-startup-monument-breaches-health-records-for-over-108000-individuals-over-3-years-via-advertising-pixels\/\" \/>\n<meta property=\"og:site_name\" content=\"Kent Protect\" \/>\n<meta property=\"article:published_time\" content=\"2023-04-18T11:27:10+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-04-21T03:32:05+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/04\/Monument-Recirc-aa8c55b799424c8193f9bbc8b5e4a57c.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1500\" \/>\n\t<meta property=\"og:image:height\" content=\"999\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Kyler Kent CISSP\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Kyler Kent CISSP\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/04\\\/18\\\/breach-report-alcohol-recovery-startup-monument-breaches-health-records-for-over-108000-individuals-over-3-years-via-advertising-pixels\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/04\\\/18\\\/breach-report-alcohol-recovery-startup-monument-breaches-health-records-for-over-108000-individuals-over-3-years-via-advertising-pixels\\\/\"},\"author\":{\"name\":\"Kyler Kent CISSP\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/#\\\/schema\\\/person\\\/f9b4d76bd2f5b5559a08ad2e004a1116\"},\"headline\":\"Breach Report: Alcohol recovery startup Monument breaches health records for over 108,000 individuals over 3 years via advertising pixels\",\"datePublished\":\"2023-04-18T11:27:10+00:00\",\"dateModified\":\"2023-04-21T03:32:05+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/04\\\/18\\\/breach-report-alcohol-recovery-startup-monument-breaches-health-records-for-over-108000-individuals-over-3-years-via-advertising-pixels\\\/\"},\"wordCount\":561,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/04\\\/18\\\/breach-report-alcohol-recovery-startup-monument-breaches-health-records-for-over-108000-individuals-over-3-years-via-advertising-pixels\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/kentprotect.com\\\/wp-content\\\/uploads\\\/2023\\\/04\\\/Monument-Recirc-aa8c55b799424c8193f9bbc8b5e4a57c.jpg\",\"keywords\":[\"addiction\",\"advertising\",\"alcohol\",\"been pwned\",\"breach\",\"breach report\",\"breaches\",\"ciso\",\"cloud\",\"computer security\",\"computers\",\"cyber security\",\"cybercrime\",\"cybersecurity\",\"dallas\",\"dark web\",\"data breach\",\"executive\",\"Facebook\",\"have been pwned\",\"have I pwned\",\"haveibeenpwned\",\"hhs\",\"HIPAA\",\"HITECH\",\"I been pwned\",\"I have been pwned\",\"K-12\",\"k12\",\"kent protect\",\"kentprotect\",\"Meta\",\"newyork\",\"pixels\",\"pwned\",\"recovery\",\"startup NYC\",\"summary\",\"texas\",\"treatment\"],\"articleSection\":[\"The Breach Report!\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/04\\\/18\\\/breach-report-alcohol-recovery-startup-monument-breaches-health-records-for-over-108000-individuals-over-3-years-via-advertising-pixels\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/04\\\/18\\\/breach-report-alcohol-recovery-startup-monument-breaches-health-records-for-over-108000-individuals-over-3-years-via-advertising-pixels\\\/\",\"url\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/04\\\/18\\\/breach-report-alcohol-recovery-startup-monument-breaches-health-records-for-over-108000-individuals-over-3-years-via-advertising-pixels\\\/\",\"name\":\"Breach Report: Alcohol recovery startup Monument breaches health records for over 108,000 individuals over 3 years via advertising pixels - Kent Protect\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/04\\\/18\\\/breach-report-alcohol-recovery-startup-monument-breaches-health-records-for-over-108000-individuals-over-3-years-via-advertising-pixels\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/04\\\/18\\\/breach-report-alcohol-recovery-startup-monument-breaches-health-records-for-over-108000-individuals-over-3-years-via-advertising-pixels\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/kentprotect.com\\\/wp-content\\\/uploads\\\/2023\\\/04\\\/Monument-Recirc-aa8c55b799424c8193f9bbc8b5e4a57c.jpg\",\"datePublished\":\"2023-04-18T11:27:10+00:00\",\"dateModified\":\"2023-04-21T03:32:05+00:00\",\"description\":\"Monument, an NYC-based alcohol recovery startup, potentially breached the protected health information of over 108,000 individuals over 3 years (and an additional 3 years retroactively via Tempest) via advertising pixels.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/04\\\/18\\\/breach-report-alcohol-recovery-startup-monument-breaches-health-records-for-over-108000-individuals-over-3-years-via-advertising-pixels\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/04\\\/18\\\/breach-report-alcohol-recovery-startup-monument-breaches-health-records-for-over-108000-individuals-over-3-years-via-advertising-pixels\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/04\\\/18\\\/breach-report-alcohol-recovery-startup-monument-breaches-health-records-for-over-108000-individuals-over-3-years-via-advertising-pixels\\\/#primaryimage\",\"url\":\"https:\\\/\\\/kentprotect.com\\\/wp-content\\\/uploads\\\/2023\\\/04\\\/Monument-Recirc-aa8c55b799424c8193f9bbc8b5e4a57c.jpg\",\"contentUrl\":\"https:\\\/\\\/kentprotect.com\\\/wp-content\\\/uploads\\\/2023\\\/04\\\/Monument-Recirc-aa8c55b799424c8193f9bbc8b5e4a57c.jpg\",\"width\":1500,\"height\":999,\"caption\":\"Monument alcohol recovery startup NYC logo\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/04\\\/18\\\/breach-report-alcohol-recovery-startup-monument-breaches-health-records-for-over-108000-individuals-over-3-years-via-advertising-pixels\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/kentprotect.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Breach Report: Alcohol recovery startup Monument breaches health records for over 108,000 individuals over 3 years via advertising pixels\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/#website\",\"url\":\"https:\\\/\\\/kentprotect.com\\\/\",\"name\":\"Kent Protect\",\"description\":\"Starring the Breach Report! and other security and cybersecurity series\",\"publisher\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/kentprotect.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/#organization\",\"name\":\"Kent Protect\",\"url\":\"https:\\\/\\\/kentprotect.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/kentprotect.com\\\/wp-content\\\/uploads\\\/2023\\\/04\\\/cropped-FullLogo_Transparent-1-with-KP-Smaller.png\",\"contentUrl\":\"https:\\\/\\\/kentprotect.com\\\/wp-content\\\/uploads\\\/2023\\\/04\\\/cropped-FullLogo_Transparent-1-with-KP-Smaller.png\",\"width\":209,\"height\":161,\"caption\":\"Kent Protect\"},\"image\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/#\\\/schema\\\/person\\\/f9b4d76bd2f5b5559a08ad2e004a1116\",\"name\":\"Kyler Kent CISSP\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/wp-content\\\/uploads\\\/2023\\\/03\\\/Retry-3-150x150.jpg\",\"url\":\"https:\\\/\\\/kentprotect.com\\\/wp-content\\\/uploads\\\/2023\\\/03\\\/Retry-3-150x150.jpg\",\"contentUrl\":\"https:\\\/\\\/kentprotect.com\\\/wp-content\\\/uploads\\\/2023\\\/03\\\/Retry-3-150x150.jpg\",\"caption\":\"Kyler Kent CISSP\"},\"description\":\"Kyler Kent is a Senior Cybersecurity Analyst on CrowdStrike\u2019s Falcon Complete MDR team, where he helps large enterprises detect, investigate, and contain real intrusions across cloud and hybrid environments. His work spans threat hunting, incident response, and security automation\u2014turning noisy telemetry into clear, repeatable actions that reduce risk quickly. Previously, Kyler served as a Threat Hunting and Intelligence Specialist supporting a critical infrastructure provider in Dallas, and led security automation and operational coordination at CyberConvoy. He holds a Master\u2019s in Cybersecurity Risk Management from Georgetown University and maintains certifications including CISSP, AWS Solutions Architect \u2013 Professional, AWS Security \u2013 Specialty, and multiple CrowdStrike credentials. He writes to close the gap between \u201cwhat the textbook says\u201d and what analysts actually do on shift with his published book: \\\"SOC Analyst Career Guide\\\" (ISBN-13: 9781835467466). https:\\\/\\\/linktr.ee\\\/kentprotect.com Corrections: corrections@kentprotect.com\",\"sameAs\":[\"http:\\\/\\\/kylerkent.com\"],\"url\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/author\\\/kylerkent\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Breach Report: Alcohol recovery startup Monument breaches health records for over 108,000 individuals over 3 years via advertising pixels - Kent Protect","description":"Monument, an NYC-based alcohol recovery startup, potentially breached the protected health information of over 108,000 individuals over 3 years (and an additional 3 years retroactively via Tempest) via advertising pixels.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/kentprotect.com\/index.php\/2023\/04\/18\/breach-report-alcohol-recovery-startup-monument-breaches-health-records-for-over-108000-individuals-over-3-years-via-advertising-pixels\/","og_locale":"en_US","og_type":"article","og_title":"Breach Report: Alcohol recovery startup Monument breaches health records for over 108,000 individuals over 3 years via advertising pixels - Kent Protect","og_description":"Monument, an NYC-based alcohol recovery startup, potentially breached the protected health information of over 108,000 individuals over 3 years (and an additional 3 years retroactively via Tempest) via advertising pixels.","og_url":"https:\/\/kentprotect.com\/index.php\/2023\/04\/18\/breach-report-alcohol-recovery-startup-monument-breaches-health-records-for-over-108000-individuals-over-3-years-via-advertising-pixels\/","og_site_name":"Kent Protect","article_published_time":"2023-04-18T11:27:10+00:00","article_modified_time":"2023-04-21T03:32:05+00:00","og_image":[{"width":1500,"height":999,"url":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/04\/Monument-Recirc-aa8c55b799424c8193f9bbc8b5e4a57c.jpg","type":"image\/jpeg"}],"author":"Kyler Kent CISSP","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Kyler Kent CISSP","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/kentprotect.com\/index.php\/2023\/04\/18\/breach-report-alcohol-recovery-startup-monument-breaches-health-records-for-over-108000-individuals-over-3-years-via-advertising-pixels\/#article","isPartOf":{"@id":"https:\/\/kentprotect.com\/index.php\/2023\/04\/18\/breach-report-alcohol-recovery-startup-monument-breaches-health-records-for-over-108000-individuals-over-3-years-via-advertising-pixels\/"},"author":{"name":"Kyler Kent CISSP","@id":"https:\/\/kentprotect.com\/#\/schema\/person\/f9b4d76bd2f5b5559a08ad2e004a1116"},"headline":"Breach Report: Alcohol recovery startup Monument breaches health records for over 108,000 individuals over 3 years via advertising pixels","datePublished":"2023-04-18T11:27:10+00:00","dateModified":"2023-04-21T03:32:05+00:00","mainEntityOfPage":{"@id":"https:\/\/kentprotect.com\/index.php\/2023\/04\/18\/breach-report-alcohol-recovery-startup-monument-breaches-health-records-for-over-108000-individuals-over-3-years-via-advertising-pixels\/"},"wordCount":561,"commentCount":0,"publisher":{"@id":"https:\/\/kentprotect.com\/#organization"},"image":{"@id":"https:\/\/kentprotect.com\/index.php\/2023\/04\/18\/breach-report-alcohol-recovery-startup-monument-breaches-health-records-for-over-108000-individuals-over-3-years-via-advertising-pixels\/#primaryimage"},"thumbnailUrl":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/04\/Monument-Recirc-aa8c55b799424c8193f9bbc8b5e4a57c.jpg","keywords":["addiction","advertising","alcohol","been pwned","breach","breach report","breaches","ciso","cloud","computer security","computers","cyber security","cybercrime","cybersecurity","dallas","dark web","data breach","executive","Facebook","have been pwned","have I pwned","haveibeenpwned","hhs","HIPAA","HITECH","I been pwned","I have been pwned","K-12","k12","kent protect","kentprotect","Meta","newyork","pixels","pwned","recovery","startup NYC","summary","texas","treatment"],"articleSection":["The Breach Report!"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/kentprotect.com\/index.php\/2023\/04\/18\/breach-report-alcohol-recovery-startup-monument-breaches-health-records-for-over-108000-individuals-over-3-years-via-advertising-pixels\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/kentprotect.com\/index.php\/2023\/04\/18\/breach-report-alcohol-recovery-startup-monument-breaches-health-records-for-over-108000-individuals-over-3-years-via-advertising-pixels\/","url":"https:\/\/kentprotect.com\/index.php\/2023\/04\/18\/breach-report-alcohol-recovery-startup-monument-breaches-health-records-for-over-108000-individuals-over-3-years-via-advertising-pixels\/","name":"Breach Report: Alcohol recovery startup Monument breaches health records for over 108,000 individuals over 3 years via advertising pixels - Kent Protect","isPartOf":{"@id":"https:\/\/kentprotect.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/kentprotect.com\/index.php\/2023\/04\/18\/breach-report-alcohol-recovery-startup-monument-breaches-health-records-for-over-108000-individuals-over-3-years-via-advertising-pixels\/#primaryimage"},"image":{"@id":"https:\/\/kentprotect.com\/index.php\/2023\/04\/18\/breach-report-alcohol-recovery-startup-monument-breaches-health-records-for-over-108000-individuals-over-3-years-via-advertising-pixels\/#primaryimage"},"thumbnailUrl":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/04\/Monument-Recirc-aa8c55b799424c8193f9bbc8b5e4a57c.jpg","datePublished":"2023-04-18T11:27:10+00:00","dateModified":"2023-04-21T03:32:05+00:00","description":"Monument, an NYC-based alcohol recovery startup, potentially breached the protected health information of over 108,000 individuals over 3 years (and an additional 3 years retroactively via Tempest) via advertising pixels.","breadcrumb":{"@id":"https:\/\/kentprotect.com\/index.php\/2023\/04\/18\/breach-report-alcohol-recovery-startup-monument-breaches-health-records-for-over-108000-individuals-over-3-years-via-advertising-pixels\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/kentprotect.com\/index.php\/2023\/04\/18\/breach-report-alcohol-recovery-startup-monument-breaches-health-records-for-over-108000-individuals-over-3-years-via-advertising-pixels\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kentprotect.com\/index.php\/2023\/04\/18\/breach-report-alcohol-recovery-startup-monument-breaches-health-records-for-over-108000-individuals-over-3-years-via-advertising-pixels\/#primaryimage","url":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/04\/Monument-Recirc-aa8c55b799424c8193f9bbc8b5e4a57c.jpg","contentUrl":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/04\/Monument-Recirc-aa8c55b799424c8193f9bbc8b5e4a57c.jpg","width":1500,"height":999,"caption":"Monument alcohol recovery startup NYC logo"},{"@type":"BreadcrumbList","@id":"https:\/\/kentprotect.com\/index.php\/2023\/04\/18\/breach-report-alcohol-recovery-startup-monument-breaches-health-records-for-over-108000-individuals-over-3-years-via-advertising-pixels\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/kentprotect.com\/"},{"@type":"ListItem","position":2,"name":"Breach Report: Alcohol recovery startup Monument breaches health records for over 108,000 individuals over 3 years via advertising pixels"}]},{"@type":"WebSite","@id":"https:\/\/kentprotect.com\/#website","url":"https:\/\/kentprotect.com\/","name":"Kent Protect","description":"Starring the Breach Report! and other security and cybersecurity series","publisher":{"@id":"https:\/\/kentprotect.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/kentprotect.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/kentprotect.com\/#organization","name":"Kent Protect","url":"https:\/\/kentprotect.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kentprotect.com\/#\/schema\/logo\/image\/","url":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/04\/cropped-FullLogo_Transparent-1-with-KP-Smaller.png","contentUrl":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/04\/cropped-FullLogo_Transparent-1-with-KP-Smaller.png","width":209,"height":161,"caption":"Kent Protect"},"image":{"@id":"https:\/\/kentprotect.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/kentprotect.com\/#\/schema\/person\/f9b4d76bd2f5b5559a08ad2e004a1116","name":"Kyler Kent CISSP","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/03\/Retry-3-150x150.jpg","url":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/03\/Retry-3-150x150.jpg","contentUrl":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/03\/Retry-3-150x150.jpg","caption":"Kyler Kent CISSP"},"description":"Kyler Kent is a Senior Cybersecurity Analyst on CrowdStrike\u2019s Falcon Complete MDR team, where he helps large enterprises detect, investigate, and contain real intrusions across cloud and hybrid environments. His work spans threat hunting, incident response, and security automation\u2014turning noisy telemetry into clear, repeatable actions that reduce risk quickly. Previously, Kyler served as a Threat Hunting and Intelligence Specialist supporting a critical infrastructure provider in Dallas, and led security automation and operational coordination at CyberConvoy. He holds a Master\u2019s in Cybersecurity Risk Management from Georgetown University and maintains certifications including CISSP, AWS Solutions Architect \u2013 Professional, AWS Security \u2013 Specialty, and multiple CrowdStrike credentials. He writes to close the gap between \u201cwhat the textbook says\u201d and what analysts actually do on shift with his published book: \"SOC Analyst Career Guide\" (ISBN-13: 9781835467466). https:\/\/linktr.ee\/kentprotect.com Corrections: corrections@kentprotect.com","sameAs":["http:\/\/kylerkent.com"],"url":"https:\/\/kentprotect.com\/index.php\/author\/kylerkent\/"}]}},"_links":{"self":[{"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/posts\/570","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/comments?post=570"}],"version-history":[{"count":3,"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/posts\/570\/revisions"}],"predecessor-version":[{"id":604,"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/posts\/570\/revisions\/604"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/media\/571"}],"wp:attachment":[{"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/media?parent=570"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/categories?post=570"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/tags?post=570"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}