Like givesomefucks said, it’s probably not that they were actually after that information specifically, but that it just got caught up in regular website analytics that services put on their sites. You can still infer a lot about a person’s health information by just looking at the URLs they visit, so I’d say it is a concern but I’m not sure it should go beyond companies/agencies/organizations needing to know about the risks and a “stop doing this” warning. If analytics services were doing this intentionally and evaluating and using that data explicitly at the direction of some human in their company, then I think it would be a much bigger issue and a much bigger story.
It’s basically similar to this example from the health field:
https://www.ftc.gov/news-events/news/press-releases/2023/07/ftc-hhs-warn-hospital-systems-telehealth-providers-about-privacy-security-risks-online-tracking
Like givesomefucks said, it’s probably not that they were actually after that information specifically, but that it just got caught up in regular website analytics that services put on their sites. You can still infer a lot about a person’s health information by just looking at the URLs they visit, so I’d say it is a concern but I’m not sure it should go beyond companies/agencies/organizations needing to know about the risks and a “stop doing this” warning. If analytics services were doing this intentionally and evaluating and using that data explicitly at the direction of some human in their company, then I think it would be a much bigger issue and a much bigger story.