Hack Notice

Hack Notice: Why, oh why, dont some entities respond to notifications about leaking patient data, Wednesday edition

Why, oh why, dont some entities respond to notifications about leaking patient data, Wednesday edition

Source
https://www.databreaches.net/why-oh-why-dont-some-entities-respond-to-notifications-about-leaking-patient-data-wednesday-edition/
Description
Since the summer of 2019, this site has occasionally reported on findings by WizCase researchers, such as our story in october on multiple entities that they had discovered leaking medical or health data. Today, WizCase reported on three more leaks that they discovered leaking patient data. They shared their findings exclusively with DataBreaches.net. The first of these is HX Wellness Private Limited’s Aermed Online pharmacy App. WizCase found 4 gilbert of data including approximately 230,000 records were exposed in a MongoDB server and amazon AWS S3 bucket. The leak involves both both patient and doctor information. According to WizCase, the exposed server was hosted in Singapore. The data were locked down on december 12 in answer to WizCase’s notification of december 8, but the firm did not respond to the researchers at all, even after the researchers sent an additional notification that files in the AWS S3 bucketful are allay exposed and downloadable if anyone had copied the directory of filenames piece it was exposed. As proof, WizCase provided DataBreaches.net with a direct link to an exposed file on the bucket. Since that time, WizCase also contacted amazon about the bucket, and Amazon responded that it would notify its customer. DataBreaches.net also reached out to HX wellness via email to notify them and obtain additional details, but has gotten no reply by publication time. so what data was available in the exposed backups? According to WizCase researchers’ analysis, the leak exposed sensitive patient details including full names, age, location, email, gender, medical records, order information, and prescription information. Patients medical scans could also live accessed without authentication from the exposed Amazon bucket. More specifically, the researchers found: �40K entries of patients (identifiable with email) with additional medical info and more personal details such as age and more; +32K entries with prescription medication data; �220 entries about patients and doctors; �78K entries about enjoin information from the app; �64K entries with user browser info and IP address; � 15K of user data entries (names, location, phone number); and �1.7K entries with patients full names and medical info. DataBreaches.net reviewed a sample of the exposed data that WizCase provided. Not all of it appeared to be real data, but there appeared to be enough real data to be concerned. The second leak WizCase discovered involved Mobile Health Pte’s MaNaDr Mobile Health, a concierge medical services app that lets patients consult with doctors, book appointments and home visits, and get tests results directly on their smartphones. The app’s patients appear to be primarily in Singapore, but the researchers also found users in Australia. a public-facing elasticsearch server and misconfigured Amazon AWS S3 buckets contained what appeared to be approximately 842,000 records with patient data. According to the researchers, they found the following, although some of the entries appeared clearly invalid/fake: �4.6K entries of transactions made using the app that included: patient id which can be correlated to the full details; total paid; date; doctor’s name; and assignment title. �27K entries of Appointments with: medical info such as abnormal fields from lab test; Patient ID; Doctor’s name; lab name; and Clinic name. �813K entries that include patients’: full names (included under the last name field); NRIC (Singapores ID number); age & engagement of birth; phone number; patient id (can be correlated with other parts of the DB); nationality, race, and more. For some entries, some fields were occasionally missing (e.g. email). WizCase contacted MaNaDR on february 1 by email, and the data were locked down shortly thereafter. On february 2, the firm replied to the notification, expression that they had closed the leak. Of note, they claimed that it was a server with mostly try data. When the researchers attempted to validate the entries, however, they found that there appeared to be legitimate data. While ace of the amazon buckets seemed to be for try purposes, not all of the data involved in this leak appeared to be trial or demo data. The third leak WizCase shared with this site involved Zaldivar Institute in Argentina, an ophthalmological treatment center. In this incident, the researchers found a 72 MB elasticsearch server with 8,600 exposed employee and patient records. There were actually two servers that held more or less identical information: confidential patient information, including full names, Argentinian ID and pass numbers, emails, phone numbers, general details of professions, birth dates, nationality, and addresses. You canful show WizCase’s describe on these ternary leaks and the potentiality risks they impersonate here. Update on their October report: endorse in October, WizCase and DataBreaches.net reported that a pharmacy software firm appeared to have an surface Elasticsearch server and GoogleAPI bucket. The former contained about 800 records, piece the exposed bucket had thousands of images of prescriptions and medicine bottles. VScript, who WizCase believed to be the owner, had not responded to WizCase’s attempt to notify them. Nor did VScript respond to a phone call from this site. The bucket remained unsecured even after Google contacted their customer. To their great credit, WizCase did not spring up even after their describe was published. in December, finding the data still unsecured, they contacted US CERT. They got no response, but inform this site that now both the leak and the surface GoogleAPIs bucket appear to be finally closed. And since whoever was responsible for that leak never thanked them for their efforts to secure patient data, this site will read a huge thank you to WizCase for caring about patient data and donating so much of their time to getting those data locked down. But let me exercise this opportunity to remind entities who come not respond to notifications: you are foolishly missing an opportunity not only to reinforce responsible disclosure, but you are missing an opportunity to feel out what data of yours may be in the researchers’ (or journalists’) hands. Now maybe you don’t intend to notify anyone about the incident, but sticking your head in the sand in answer to an incident and/or trying to censor reporting by […]

About HackNotice and Why, oh why, dont some entities respond to notifications about leaking patient data, Wednesday edition

HackNotice is a service that notices trends and patterns in publically available data so as to identify possible data breaches, leaks, hacks, and other data incidents on behalf of our clients. HackNotice monitors data streams related to breaches, leaks, and hacks and Why, oh why, dont some entities respond to notifications about leaking patient data, Wednesday edition was reported by one of those streams. HackNotice may also have the breach date, hack date, the hacker responsible, the hacked industry, the hacked location, and any other parts of the hack, breach, or leak that HackNotice can report on for the consumers of our product.

If you are a user of Why, oh why, dont some entities respond to notifications about leaking patient data, Wednesday edition their products, services, websites, or applications and you were a client of HackNotice, monitoring for Why, oh why, dont some entities respond to notifications about leaking patient data, Wednesday edition you may have been alerted to this report about Why, oh why, dont some entities respond to notifications about leaking patient data, Wednesday edition . HackNotice is a service that provides data, information, and monitoring that helps our clients recover from and remediate data breaches, hacks, and leaks of their personal information. HackNotice provides a service that helps our clients know what to do about a hack, breach, or leak of their information.

If Why, oh why, dont some entities respond to notifications about leaking patient data, Wednesday edition had a breach of consumer data or a data leak, then there may be additional actions that our clients should read to protect their digital identity. data breaches, hacks, and leaks often track to and cause identity theft, account take overs, ransomware, spyware, extortion, and malware. account takeovers are often caused by credential reuse, parole reuse, easily guessed passwords, and are facilitated by the sharing of billions of credentials and other customer information through data leaks, as the direct result of data breaches and hacks.

HackNotice monitors trends in publically available data that indicates tens of thousands of data breaches each year, along with billions of records from data leaks each year. On behalf of our clients, HackNotice works to monitor for hacks that lead-in to lower client security and digital identities that experience been exposed and should be considered vulnerable to attack. HackNotice works with clients to describe the extent that digital identities have been exposed and provides remediation suggestions for how to grip each typecast of exposure.

HackNotice monitors the hacker community, which is a network of individuals that share data breaches, hacks, leaks, malware, spyware, ransomware, and many other tools that are often used for financial fraud, account take overs, and further breaches and hacks. HackNotice monitors the hacker community specifically for breaches, hacks, and data leaks that offend consumers. HackNotice applies industry specific knowledge and advanced surety practices to monitor for trends that indicate breaches, hacks, and exposed digital identities.

HackNotice also enables clients to part cut notices with their friend, family, and collogues to assist increment awareness around alleged hacks, breaches, or data leaks. HackNotice works to ply clients with sharable reports to help increase the security of our clients personal network. The security of the people that our clients interact with directly impacts the rase of surety of our clients. Increased photograph to accounts that have been taken over by hackers leads to further account make overs through phishing, malware, and other attach techniques.

If you found this hack notice to be helpful, then you may live interested in reading some additional cut notices such as:

concern and damaged equipment according to DNV GL, an international certification body and classifi data breach notifications. Reportable breaches of medical information are increasingly common in th or on a computer otherwise accessible from the Internet without proper info surety precaut

FOX 12 investigators take a closer look at ransomware and how Oregon businesses can protect themselves

Bouygues Construction falls victim to ransomware - ZDNet

Kobe Steel, Pasco hit in latest cyberattack cases: Defense Ministry