Facebook Tried to Gather Medical Records for ‘Research,’ Report Says

Today’s topics include a new report alleging that Facebook sought access to medical records for pharmaceutical ads and more consumers victimized by a third-party data breach. 

After Facebook’s acknowledgment that nearly all of its 2.2 billion users have had their profile data scraped at one time or another, a report Friday noted that Facebook sent a doctor on a secret mission to obtain medical records from a number of major hospitals.

According to the report published by CNBC, Facebook dispatched a physician to a number of major hospitals attempting to negotiate the release of patient medical records.

In a statement by Facebook to CNBC, the company claimed that the data would be used strictly for research. However, the report stated Facebook has been pitching the ability to target potential users of medications to pharmaceutical companies for advertising. [On April 9 a Facebook spokesperson stated that “this initiative did not go past the initial planning phase and we have paused discussions altogether to focus elsewhere.”]

Multiple organizations have reported that their customers were put at risk due to a breach from third-party services vendor [24]7.ai, which provides a chat widget used by the impacted sites.

Among the companies whose customers may be have been impacted by the breach are Best Buy, Delta Airlines and Sears Holdings. Delta and Sears both revealed they were victims of the [24]7.ai breach on April 4, while Best Buy admitted to being a victim on April 5.

"[24]7.ai discovered and contained an incident that was potentially affecting the online customer payment information of a small number of our client companies, and affected clients have been notified," [24]7.ai wrote in a statement.

"The incident began on Sept. 26 [of last year], and was discovered and contained on Oct. 12." It's currently unclear how many customers the breach may have impacted.