Facepalm: When it comes to digital data management and user privacy, disgruntled former employees can become a threat for a number of reasons. Such an incident occurred in November 2023, with Microsoft indirectly involved as the owner of the biometrics company used by a major healthcare provider.
Geisinger Health, one of the leading healthcare providers in the US, suffered a troublesome security breach after a former Nuance employee accessed patient data without authorization. Sensitive information on hundreds of thousands of people may have been stolen, though the extent of the misuse is unclear currently.
Nuance, a voice recognition company acquired by Microsoft in 2021 for $19.7 billion, provides IT services to Geisinger, which operates 13 hospitals and serves over 600,000 commercial and government members. The security incident occurred in November, and Geisinger was immediately informed by Nuance about the improper access by the former staffer.
Both companies launched investigations and were required by US law enforcement agencies to delay notifying affected patients until now. Nuance’s investigation confirmed that the former worker
Microsoft subsidiary Nuance blamed for data-stealing incident caused by a former employee
