Seoul National University Hospital has reported a leak of medical records affecting over 16,000 patients due to an email misdelivery incident that took place on the afternoon of October 14. During a routine email exchange among hospital staff, one employee incorrectly input an email address, resulting in sensitive patient information being sent to an external individual. This information included details such as the mother's name, patient numbers for both mother and newborn, birthdate, basic physical statistics, obstetric history, and sensitive medical results. However, the hospital clarified that personal identifying details such as the national identification number and mobile phone numbers were not part of the leaked data, thereby preventing any potential identification of individuals.

The hospital became aware of the breach through a report by the staff member who sent the email. They confirmed that the system indicated the email had not been opened and subsequent deletion requests for the email were also confirmed to be in the same state. The hospital took immediate action by contacting the email service provider and reported the incident to the Personal Information Protection Commission and the Ministry of Education in South Korea. They have urged any concerned parties to reach out to the hospital's information security team or relevant authorities if they suspect any misuse of the leaked information.

This breach raises significant concerns regarding patient privacy and the handling of personal health information, especially in a high-profile institution such as Seoul National University Hospital. Incidents like this highlight the need for stringent protocols and oversight in managing sensitive data, emphasizing a broader dialogue on data protection standards in the healthcare sector. Such an event can adversely impact patient trust and the institution's reputation, necessitating a thorough investigation and accountability measures moving forward.