This cube-shaped Raspberry Pi alternative can run both Android and Linux
A full-fledged computer inside a box that measures just eight cubic inches.
Read More
Blog
- Home /
- Blog
Millions of healthcare records exposed in mega data breach
A non-password protected database containing millions of healthcare records and 68.53GB of medical related data has been discovered by security researcher Jeremiah Fowler and the Website Planet research team.
The medical records in the exposed database contained patient IDs, physician notes and other detailed medical data on patients in the US. While some of this data was encrypted, the notes and information on physicians were in plain text.
The physician notes in the database provide intimate details of patient illnesses, treatments, medications, family, social and even emotional issues. In addition to being very complete descriptions, Fowler and the Website Planet research team were surprised by just how many small details were included in these notes.
In a new report, Website Planet warns that if the patient IDs in the database were decrypted and the identities of patients were exposed, it would be easy to see the medical issues or diagnoses of the patients whose medical data was left unsecured online.Â
Deep6.AI
Upon further investigation, Fowler and the Website Planet research team discovered multiple references to Deep6.AI including internal emails and usernames.
According to Deep6.AI's website, the company's software “identifies patients with conditions not explicitly mentioned in medical recordsâ€. As a result, its software is used to find patients who better match the criteria for medical trials in a fraction of the time it normally takes.
In total, Fowler and the Website Planet research team found 21m records exposing lab results and medicine details, 422m patient records and a provider index containing 89k records exposing physician names, internal patient ID numbers, document locations and CSV files and other potentially sensitive information. The database in question was also at risk of falling victim to a ransomware attack as it was publicly accessible to anyone with an internet connection.
After discovering the database, Fowler and the Website Planet research team immediately sent a responsible disclosure notice to Deep6.AI and public access was restricted shortly after. However, their discovery is yet another example of how leaving a database unsecured can put sensitive company and user data at risk online.
Concerned about your security online? Protect your devices with the best antivirus software and your identity with the best identity theft protection
Date
27 Oct 2021Sources
Other Blog
-
-
Best Buy Presidents' Day sale: deals on TVs, appliances, laptops, and more
The Best Buy Presidents' Day sale is live and we've rounded up the best deals on TVs, appliances, laptops, tablets, and more.
Read More -
Salesforce wants to make it easier to do business after the pandemic
Salesforce's latest Sales Cloud innovations aim to help sales teams drive growth for their organizations while working from anywhere.
Read More -
Asus launches new 'Expert' series of PCs, laptops in India
These new laptops will add to the existing range of mobile phones, gaming and professional lineups apart from other computing peripherals.
Read More
Find Out More About Us
Want to hire best people for your project? Look no further you came to the right place!