Ohio Medical Alliance Exposes 957,000 Medical Marijuana Patient Records, Including SSNs

The Ohio Medical Alliance has exposed a database containing sensitive information of 957,000 medical marijuana patients, including Social Security Numbers (SSNs), medical records, and other personally identifiable information (PII). This significant data breach was discovered by cybersecurity researcher Jeremiah Fowler. The exposure of such a large volume of sensitive data highlights critical vulnerabilities in healthcare data security practices. Healthcare data is highly regulated and protected under laws like HIPAA in the United States, making this breach particularly concerning. The exposed data can be exploited for identity theft, fraud, and other malicious activities, posing severe risks to the affected individuals. This incident underscores the importance of implementing robust security measures, such as regular security audits, strong access controls, and encryption of sensitive data. It also serves as a reminder for healthcare organizations to ensure compliance with relevant regulations to avoid legal repercussions and protect patient privacy. Cybersecurity professionals should use this incident as a case study to reinforce the necessity of proactive security measures and continuous monitoring to prevent similar breaches in the future.