Serviceaide AI Platform Implicated in Health Data Exposure Affecting 483,000 Catholic Health Patients

May 9, 2025

An unsecured Elasticsearch database within the agentic AI infrastructure of Serviceaide exposed sensitive health data from 483,000 Catholic Health patients. The compromised information included medical records, insurance details, and login credentials. Although no misuse has been confirmed, the incident has triggered regulatory scrutiny and legal investigations to ensure safe and secure AI practices.

Learn how HISPI Project Cerebellum TAIM can help implement guardrails for AI and prevent such incidents in the future. Join us today at JOIN US.

Matched TAIM controls

Suggested mapping from embedding similarity (not a formal assessment). Browse all TAIM controls

MEASURE 2.10 — similarity 0.687, rank 1. TAIM detail and related incidents →
MAP 4.1 — similarity 0.685, rank 2. TAIM detail and related incidents →
MAP 1.6 — similarity 0.682, rank 3. TAIM detail and related incidents →

Alleged deployer: serviceaide
Alleged developer: serviceaide
Alleged harmed parties: patients-of-catholic-health, catholic-health

Source

Data from the AI Incident Database (AIID). Cite this incident: https://incidentdatabase.ai/cite/1070

Data source

Incident data is from the AI Incident Database (AIID).

When citing the database as a whole, please use:

McGregor, S. (2021) Preventing Repeated Real World AI Failures by Cataloging Incidents: The AI Incident Database. In Proceedings of the Thirty-Third Annual Conference on Innovative Applications of Artificial Intelligence (IAAI-21). Virtual Conference.

Pre-print on arXiv · Database snapshots & citation guide

We use weekly snapshots of the AIID for stable reference. For the official suggested citation of a specific incident, use the “Cite this incident” link on each incident page.