A top HIV Clinic in London is apologizing big time Wednesday after it accidentally violated the privacy of nearly 800 of its patients by revealing their HIV positive statuses thanks to an embarrassing email error.

The mishap occurred Tuesday, when an undisclosed 56 Dean Street employee sent out an email newsletter intended for people using its HIV and other sexual health services, but forgot to hide the contact list–therefore revealing the identity of almost 800 patients affiliated with the establishment.

Realizing what had happened, the clinic quickly sent out an email apology within hours to its patients courtesy of Dr Alan McOwan, Chelsea and Westminster hospital NHS trust’s director for sexual health.

Identities of nearly 800 HIV-positive patients revealed after email blunder at NHS clinic http://t.co/4QPmfsi7Ne pic.twitter.com/nJjZacCsQX

— Daily Mail U.K. (@DailyMailUK) September 2, 2015

The email read:

I’m writing to apologise to you. This morning at around 11.30am we sent you the latest edition of Option E newsletter. This is normally sent to individuals on an individual basis, but unfortunately we sent out today’s email to a group of email addresses. We apologise for this error. We recalled/deleted the email as soon as we realised what had happened. If it is still in your inbox please delete it immediately. Clearly this is completely unacceptable. We are urgently investigating how this has happened and I promise you that we will take steps to ensure it never happens again. We will send you the outcome of the investigation.”

When later interviewed by a London reporter, Dr. McOwan also had this video message for the public.

VIDEO: Boss here at 56 Dean St sexual health surgery will not quit over huge #HIV info leak. My report on @LBC at 3pm pic.twitter.com/gkg5r9SKIX

— Connor Gillies (@ConnorGillies) September 2, 2015

However, demanding that people immediately delete an email that they may or may not have already seen because it contains things they shouldn’t see has exactly the opposite desired effect–it only calls more attention to the damning material.

Case in point, one anonymous patient of 56 Dean St, whose boyfriend also received the email, told Buzzfeed that when he received the email he was outraged. He then said,

I thought it was disgusting that I was seeing a massive list of their patients. It’s not difficult to deduce the HIV status of every single one of those people. So I have their full names, their email address. I could easily put any of those details into Facebook and bring up pictures and personal details.

He went on to add,

There were people on there I recognised. It made me uncomfortable for them and for myself that I’m finding out information that they may not have wanted me to know.

Despite the nature of the email, the clinic has noted numerous times that not all of the recipients of the email were necessarily HIV-positive, but in effect having their names associated with the breach unavoidably associates them with the disease.

A 56 Dean Street spokesman told the Guardian that the breach boils down to a “human mistake” and that the employee responsible was distraught. Health Secretary Jeremy Hunt has also ordered an inquiry into the incident. While this very well may have been a mistake and the person responsible may feel bad about it, that doesn’t make up for this horrible breach of doctor patient confidentiality. He or she should also be immediately ordered to install Google’s new “undo-send” feature, in the hopes of preventing a breach like this moving forward. Technology certainly makes treating patients easier, but it also can mean a more careful hand is needed when handling sensitive information.

Alexis Evans

Alexis Evans is an Assistant Editor at Law Street and a Buckeye State native. She has a Bachelor’s Degree in Journalism and a minor in Business from Ohio University. Contact Alexis at aevans@LawStreetMedia.com.

The post HIV Clinic Accidentally Releases Identities of Hundreds of its Patients appeared first on Law Street.

If you’ve been on the internet in the last few days, you’ve probably seen news stories about a massive leak of celebrity nude photos. In a rather uncouth display, the mass release has been dubbed “The Fappening” by the internet. It’s a mix of “The Happening,” and…I’ll let you figure out the other part on your own. Celebrities included on the steadily growing list include Jennifer Lawrence, Rihanna, Mary Elizabeth Winstead, Kirsten Dunst, Kaley Cuoco, Ariana Grande, Kate Upton, Victoria Justice, and more. Some, like Mary Elizabeth Winstead, have acknowledged that the photos were real, while others like Victoria Justice claim they are fakes.

The pictures mostly surfaced on reddit and 4chan beginning on August 31. The photos then made their way to Twitter and other more mainstream sites. Most of the photos seem to have been obtained through hacking iCloud accounts. Put extremely simply, that means that the photos had been stored by the celebrity users to their personal accounts that included storage in the iCloud network. Benefits of the iCloud include the ability to access it from multiple accounts and locations, as well as freeing up space on a hard drive or other storage device.

How exactly the hackers obtained the nude photos is uncertain — they could have exploited a security flaw that Apple was unaware of, or they could have obtained the celebrities’ emails and then managed to gain access to their passwords by guessing security questions or some other method. Since celebrities seem to have been specifically targeted, the average user probably shouldn’t be too worried about sensitive material being stolen off their clouds right now — but the whole controversy does raise questions about cloud-type storage. The FBI has now gotten involved in the scandal and it appears to be searching for the hacker(s) who managed to get into the iCloud accounts and released the photos.

The whole fact that the photos got out in the first place is concerning. Celebrity pictures are leaked frequently, but usually just one or two. These leaks encompass hundreds, perhaps thousands, of photographs of young women whose privacy was seriously invaded for no other reason than the fact that they are both attractive and good at their jobs. And not only have their private accounts been hacked, the omnipresent internet trolls are more than willing to make fun of them for their concerns. Many have said that because the women took the pictures and uploaded them to the cloud at all, they deserve to have them released en masse.

Seriously? These women took pictures in the privacy of their own homes, with no intention of releasing them to the public. True, uploading them to a possibly hackable network was their own choice, but it was far from a damnable one. Imagine that these women had nude pictures taken of them by a peeping tom or a stalker. I have to think the public outcry would be greater — at least I hope it would be — but I don’t really see a huge difference. Either way, privacy is being ignored. The photos that have been leaked were stolen, plain and simple. And now that they’re out there, they’re going to be almost impossible to get down.

There’s a reason that one of the classic nightmare archetypes is realizing that you’re naked somewhere. I have a feeling that even if you’re a famous celebrity, that holds true. To all the people who are looking at the photos right now, please remember that those are real people who did not consent to have these pictures released to the public. Remember that before you look, and think about how you’d feel to have the entire world see your naked photos. I have a feeling it’s eerily similar to a nightmare.

Anneliese Mahoney

Anneliese Mahoney is Managing Editor at Law Street and a Connecticut transplant to Washington D.C. She has a Bachelor’s degree in International Affairs from the George Washington University, and a passion for law, politics, and social issues. Contact Anneliese at amahoney@LawStreetMedia.com.

The post Massive Celebrity Nude Photo Leak is Major Privacy Breach appeared first on Law Street.