Thousands of patients' therapy records belonging to an AI powered platform offering mental health treatment were leaked to the web due to a non-password protected database, VPN Mentor reported on Friday.
Over 1.7 million activity logs from online provider Confident Health, which constituted 5.3 terabytes of mental health data, were left exposed online. The breach included psychological profiles and therapy sessions for patients, many of which were telehealth audio and video sessions as well as patient driver’s licenses, medications, and drug tests.
The company operates in five states; Connecticut, New Hampshire, Florida, Virginia, and Texas, and specializes in providing alcohol and drug addiction recovery and other mental health treatments. Confident Health’s philosophy is that "great care should be accessible to those in need and easy for providers to deliver," according to the company website.
Cyber security researcher Jeremiah Fowler discovered an unsecured database link to the Austin-based company.
"I recently discovered a trove of publicly exposed mental health and substance treatment records. Some of these documents contained the names and PII of the patients, counselors, and medical professionals. The patients' records contained images of driver’s licenses, ID cards, insurance cards, Medicaid cards, letters of care listing prescription medication, and medical record requests or waivers. The database also contained diagnostic drug tests indicating names, addresses, and test results for specific substances," Fowler said in his report.
Fowler noted that he saw transcripts of the sessions which are detailed reports of personal family topics, including names of children, parents, partners, and the nature of conflicts and other private issues.
The Confident Health leak is the latest massive data breach to effect U.S.-based consumers. In August, Florida-based National Public Data, a background check company, was hacked exposing the private information and social security numbers for close to 3 billion people worldwide.
James Morley III ✉
James Morley III is a writer with more than two decades of experience in entertainment, travel, technology, and science and nature.
© 2025 Newsmax. All rights reserved.