Findings from Databreaches.net reveal that patient protected health information (PHI) stored by MedData — which serves healthcare organizations including Memorial Hermann, U. of Chicago, Aspirus, and OSF Healthcare – has been stored in GitHub’s Arctic Code Vault – a decommissioned mine 250 meters deep in the permafrost of an Arctic mountain. A former employee was revealed to have saved files to personal folders in public repositories including GitHub.
<p>The revelation that personal information involved in a 2020 breach has wound up in a code archive, on film, stored in a repurposed coal mine in Norway, is fascinating. While it seems unlikely that this information will ever be accessed from the archive, that it happened at all points to the unintended permanency of data stored on the internet. The lesson here for any organization is that their data, especially sensitive data, needs to be protected before it gets into the wrong hands. The saying \"the internet never forgets\" is especially true here, where this breached data will be around for a millennium.</p>