Attivo Networks Blogs

Speech recognition software firm breach exposes thousands of patient records

SC media logo

Burlington, Mass.-based speech recognition software firm Nuance announced the breach of thousands of patient records after a third party gained unauthorized access

A former Nuance employee breached Nuance’s servers and accessed the personal information of 45,000 individuals from several contracted clients between November 20 and December 9 of 2017 and was first announced during a May 10 SEC filling.

Names, dates of birth, medical record numbers, patient numbers, and information dictated by the provider such as patient condition, assessment, diagnosis, treatment, care plan and date of service, and the information of approximately 900 San Francisco Department of Public Health patients were affected, according to a May 11 press release.

“The San Francisco Department of Public Health is committed to maintain the privacy of our patients and takes its responsibility to address privacy incidents seriously,” San Francisco Health Network Director Roland Pickens said in the release. “We sincerely apologize for any inconvenience or concern that this situation may cause. All of our vendors are required to attest to the protection of patient privacy, as part of their contract, and we continue to audit and improve upon that process.”

The company discovered the breach in December 2017 however, patient notification was delayed at the request of the FBI and the U.S. Department of Justice, pending their criminal investigation into the incident.

The investigation resulted in the identification of the third party responsible for the incident as well as the recovery of the accessed reports.


Share on:

Free Active Directory Assessment

Get Visibility Into Privilege And Service Account Exposure

For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.

Try Our Endpoint Detection Net (EDN) for Free


Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.

Newsletter Signup

    Yes, please opt me in to receive your quarterly newsletter, event invitations, and product updates.

    I understand that I can opt out at any time, and can refer to Attivo Networks Privacy Policy for more information.
  • This field is for validation purposes and should be left unchanged.

ADSecure 90-Day Free Trial


  • Hide and deny access to AD objects
  • Get alerted on unauthorized queries
  • Attack details easily viewable in dashboard
  • Your data remains on-premise


Leave a Comment

Your email address will not be published.

2 × two =

Ready to find out what’s lurking in your network?

Scroll to Top