Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 16 submissions in the queue.

Submission Preview

No link to story available

Two Alcohol Recovery Startups Just Got Caught Sharing Private User Data

Accepted submission by upstart at 2023-04-06 22:53:16
News

████ # This file was generated bot-o-matically! Edit at your own risk. ████

Two alcohol recovery startups just got caught sharing private user data [engadget.com]:

Online alcohol recovery startups Monument and Tempest got caught sharing confidential user data with advertisers without their consent, as originally reported by TechCrunch [techcrunch.com]. Everything came to light after an internal review revealed a data breach impacting 100,000 users, forcing the companies to issue a formal disclosure [documentcloud.org] to the user base. The violations started in 2017 and were ongoing until last month's review.

Monument and Tempest started as two entirely different platforms, but the former acquired the latter [twitter.com] several months back. Parent company Monument confirmed not only the data breach but that the companies shared private information with advertisers via a notification filed with California’s attorney general. Data shared with advertisers, without user consent, includes patient names, dates of birth, email addresses, postal addresses, phone numbers, insurance information and more.

Unfortunately, that is just the beginning. In a cruel insult to those seeking recovery, the companies also shared data related to appointment information, assessment information and survey responses, which includes alcohol consumption data. Monument continues to tout its commitment to privacy on its website [joinmonument.com], saying that survey responses are “protected" [joinmonument.com] despite the recent disclosure

The companies blame third-party tracking systems for the issue, stating that they have removed the offending tracking codes from their websites. The companies do not admit to sharing this information on purpose to increase profits, indicating that the tracking pixels provided by third parties did the deed all on their own.Subscribe to the Engadget Deals Newsletter

Great deals on consumer electronics delivered straight to your inbox, curated by Engadget’s editorial team. See latest [yahoo.net]

Subscribe

Please enter a valid email address

Please select a newsletter

By subscribing, you are agreeing to Engadget's Terms [yahoo.com] and Privacy Policy [yahoo.com].

Though this is an especially egregious example, it is important to remember that most companies have a less-than-pristine record regarding data privacy, even in the case of medical records. There is a near-endless list of similar violations, like the time a mental health startup shared patient information [engadget.com] without consent and when Meta was caught [engadget.com] with its own hand in the digital cookie jar. Be careful out there folks.


Original Submission