2 min read

Leaky Databases Expose over 45 Million Medical Images and Patient Data

Alina BÎZGĂ

December 16, 2020

Leaky Databases Expose over 45 Million Medical Images and Patient Data

Unsecured servers and medical devices around the world are leaking over 45 million medical imaging files and associated healthcare data, according to researchers.

A six-month investigation into Network Attached Storage (NAS) and Digital Imaging and Communications in Medicine (DICOM) conducted by the analyst team at CybelAngel has found millions of sensitive medical records and images, including X-rays, CT scans and MRI images, left unencrypted on unsecure servers.

Were you a victim of a data breach? Time to find out with Bitdefender”s Digital Identity Protection tool.

“The analysts found that openly available medical images, including up to 200 lines of metadata per record which included PII (personally identifiable information; name, birth date, address, etc.) and PHI (height, weight, diagnosis, etc.), could be accessed without the need for a username or password,” CybelAngel said. “In some instances login portals accepted blank usernames and passwords.”

What makes their findings even more concerning is the simplicity with which they were able to access the medical data, since none of the databases required a username or password.  

“The fact that we did not use any hacking tools throughout our research highlights the ease with which we were able to discover and access these files,” David Sygula of CybelAngel said. “This is a concerning discovery and proves that more stringent security processes must be put in place to protect how sensitive medical data is shared and stored by healthcare professionals. A balance between security and accessibility is imperative to prevent leaks from becoming a major data breach.”

During their investigation, the researchers scanned 4.3 billion IP addresses, which led to the discovery of over 2,140 unprotected servers across 67 countries including the United States, UK, France and Germany.

The report also highlights risks to victims, as bad actors could use the information in ransomware attacks and blackmail. Medical data costs a pretty penny on black markets, and can be used for various forms of fraud and medical identity theft. The researchers advise healthcare organizations to ensure proper network segmentation of connected medical imaging equipment and conduct audits of third-party partners to check for nonconformities within security policies and protocols.

tags


Author



Right now

Top posts

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read
The Top Five Security Risks Smartphone Users Face Today

The Top Five Security Risks Smartphone Users Face Today

July 02, 2021

4 min read
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

July 02, 2021

3 min read
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

June 30, 2021

2 min read
Mobile security threats: reality or myth?

Mobile security threats: reality or myth?

June 13, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

The UK Government Plans to Make Digital Identities Secure and Trusted Official Documents The UK Government Plans to Make Digital Identities Secure and Trusted Official Documents
Alina BÎZGĂ

July 21, 2021

1 min read
Dozens of Facebook Engineers Illegally Accessed Private User Data, New Book Says Dozens of Facebook Engineers Illegally Accessed Private User Data, New Book Says
Silviu STAHIE

July 15, 2021

1 min read
Are you a TikToker? Check Out These Eight Security Tips to Help You Minimize Your Digital Footprint and Stay Safe Online Are you a TikToker? Check Out These Eight Security Tips to Help You Minimize Your Digital Footprint and Stay Safe Online
Alina BÎZGĂ

July 14, 2021

5 min read