The University of Iowa Health Care (UIHC) recently sent letters to 5,300-plus patients whose personal identifying data was left exposed for more than two years (May 2015 to 2017) by an unidentified employee. The UIHC explained to their patients that during the course of developing a UIHC web application, one of their software developers pushed the data to an open-source website used for storage (not further identified) and also used by web developers.

Read full news article on