Hack Notice

Hack Notice: Why, oh why, dont some entities respond to notifications about leaking patient data, Wednesday edition

Why, oh why, dont some entities respond to notifications about leaking patient data, Wednesday edition

Source
https://www.databreaches.net/why-oh-why-dont-some-entities-respond-to-notifications-about-leaking-patient-data-wednesday-edition/
Description
Since the summer of 2019, this site has occasionally reported on findings by WizCase researchers, such as our account in October on multiple entities that they had discovered leaking medical or health data. Today, WizCase reported on three more leaks that they discovered leaking patient data. They shared their findings exclusively with DataBreaches.net. The first of these is HX Wellness Private Limited’s Aermed Online Pharmacy App. WizCase found 4 gb of data including approximately 230,000 records were exposed in a MongoDB server and amazon AWS S3 bucket. The leak involves both both patient and doctor information. According to WizCase, the exposed server was hosted in Singapore. The data were locked down on december 12 in response to WizCase’s notification of december 8, but the firm did not answer to the researchers at all, even after the researchers sent an additional notification that files in the AWS S3 bucket are still exposed and downloadable if anyone had copied the directory of filenames piece it was exposed. As proof, WizCase provided DataBreaches.net with a direct link to an exposed file on the bucket. Since that time, WizCase also contacted Amazon about the bucket, and amazon responded that it would notify its customer. DataBreaches.net also reached out to HX Wellness via email to notify them and obtain additional details, but has gotten no reply by publication time. so what data was available in the exposed backups? According to WizCase researchers’ analysis, the leak exposed sensitive patient details including full names, age, location, email, gender, medical records, enjoin information, and prescription information. Patients medical scans could also be accessed without certification from the exposed Amazon bucket. More specifically, the researchers found: �40K entries of patients (identifiable with email) with additional medical info and more personal details such as age and more; +32K entries with prescription medication data; �220 entries about patients and doctors; �78K entries about order info from the app; �64K entries with user browser info and IP address; � 15K of user data entries (names, location, phone number); and �1.7K entries with patients full names and medical info. DataBreaches.net reviewed a sample of the exposed data that WizCase provided. Not all of it appeared to live real data, but there appeared to live enough real data to be concerned. The indorsement leak WizCase discovered involved Mobile health Pte’s MaNaDr Mobile Health, a concierge medical services app that lets patients consult with doctors, book appointments and home visits, and capture tests results directly on their smartphones. The app’s patients seem to be primarily in Singapore, but the researchers also found users in Australia. a public-facing elasticsearch server and misconfigured Amazon AWS S3 buckets contained what appeared to be approximately 842,000 records with patient data. According to the researchers, they found the following, although some of the entries appeared clearly invalid/fake: �4.6K entries of transactions made using the app that included: patient ID which can be correlated to the full details; total paid; date; doctor’s name; and appointment title. �27K entries of Appointments with: medical information such as abnormal fields from lab test; Patient ID; Doctor’s name; Lab name; and Clinic name. �813K entries that include patients’: full names (included under the last name field); NRIC (Singapores id number); age & engagement of birth; phone number; patient ID (can be correlated with other parts of the DB); nationality, race, and more. For some entries, some fields were occasionally missing (e.g. email). WizCase contacted MaNaDR on february 1 by email, and the data were locked down shortly thereafter. On February 2, the firm replied to the notification, saying that they had closed the leak. Of note, they claimed that it was a server with mostly trial data. When the researchers attempted to validate the entries, however, they found that there appeared to be legitimate data. While single of the Amazon buckets seemed to live for try purposes, not all of the data involved in this leak appeared to be examine or demo data. The third leak WizCase shared with this site involved Zaldivar institute in Argentina, an ophthalmological handling center. In this incident, the researchers found a 72 MB elasticsearch server with 8,600 exposed employee and patient records. There were actually two servers that held more or less identical information: confidential patient information, including full names, Argentinian ID and passport numbers, emails, phone numbers, general details of professions, birth dates, nationality, and addresses. You can read WizCase’s story on these trinity leaks and the potential risks they pose here. Update on their october report: indorse in October, WizCase and DataBreaches.net reported that a pharmacy software firm appeared to get an surface Elasticsearch server and GoogleAPI bucket. The former contained about 800 records, while the exposed bucketful had thousands of images of prescriptions and medicine bottles. VScript, who WizCase believed to be the owner, had not responded to WizCase’s attempt to notify them. Nor did VScript respond to a phone telephone from this site. The bucket remained unsecured even after Google contacted their customer. To their great credit, WizCase did not gift up even after their report was published. In December, finding the data allay unsecured, they contacted US CERT. They got no response, but inform this site that now both the leak and the surface GoogleAPIs bucket appear to be finally closed. And since whoever was responsible for that leak never thanked them for their efforts to secure patient data, this site will say a huge thank you to WizCase for caring about patient data and donating so much of their time to getting those data locked down. But let me use this opportunity to remind entities who come not respond to notifications: you are foolishly missing an opportunity not only to reinforce responsible disclosure, but you are missing an opportunity to bump out what data of yours may be in the researchers’ (or journalists’) hands. Now maybe you don’t intend to notify anyone about the incident, but sticking your head in the sand in reception to an incident and/or trying to censor reporting by […]

About HackNotice and Why, oh why, dont some entities respond to notifications about leaking patient data, Wednesday edition

HackNotice is a service that notices trends and patterns in publically available data so as to identify possible data breaches, leaks, hacks, and other data incidents on behalf of our clients. HackNotice monitors data streams related to breaches, leaks, and hacks and Why, oh why, dont some entities respond to notifications about leaking patient data, Wednesday edition was reported by one of those streams. HackNotice may also have the breach date, hack date, the hacker responsible, the hacked industry, the hacked location, and any other parts of the hack, breach, or leak that HackNotice can report on for the consumers of our product.

If you are a user of Why, oh why, dont some entities respond to notifications about leaking patient data, Wednesday edition their products, services, websites, or applications and you were a client of HackNotice, monitoring for Why, oh why, dont some entities respond to notifications about leaking patient data, Wednesday edition you may have been alerted to this report about Why, oh why, dont some entities respond to notifications about leaking patient data, Wednesday edition . HackNotice is a service that provides data, information, and monitoring that helps our clients recover from and remediate data breaches, hacks, and leaks of their personal information. HackNotice provides a service that helps our clients know what to do about a hack, breach, or leak of their information.

If Why, oh why, dont some entities respond to notifications about leaking patient data, Wednesday edition had a transgress of consumer data or a data leak, then there may be additional actions that our clients should take to protect their digital identity. Data breaches, hacks, and leaks often conduct to and reason identity theft, account read overs, ransomware, spyware, extortion, and malware. account takeovers are often caused by credential reuse, password reuse, easily guessed passwords, and are facilitated by the sharing of billions of credentials and other customer information through data leaks, as the direct result of data breaches and hacks.

HackNotice monitors trends in publically available data that indicates tens of thousands of data breaches each year, along with billions of records from data leaks each year. On behalf of our clients, HackNotice works to monitor for hacks that lead-in to lower node security and digital identities that experience been exposed and should live considered vulnerable to attack. HackNotice workings with clients to identify the extent that digital identities have been exposed and provides remediation suggestions for how to handle each type of exposure.

HackNotice monitors the hacker community, which is a network of individuals that share data breaches, hacks, leaks, malware, spyware, ransomware, and many other tools that are often used for financial fraud, account take overs, and further breaches and hacks. HackNotice monitors the hacker community specifically for breaches, hacks, and data leaks that offend consumers. HackNotice applies industry specific knowledge and advanced security practices to monitor for trends that indicate breaches, hacks, and exposed digital identities.

HackNotice also enables clients to apportion cut notices with their friend, family, and collogues to help increase awareness around alleged hacks, breaches, or data leaks. HackNotice works to provide clients with sharable reports to help growth the security of our clients personal network. The security of the people that our clients interact with directly impacts the raze of surety of our clients. Increased photograph to accounts that have been taken over by hackers leads to further account read overs through phishing, malware, and other attach techniques.

If you found this drudge observation to be helpful, then you may be interested in reading some additional nag notices such as:

breach. a common coming to assess the impact of data breaches is to study the market reaction to ch related fees. The Yahoo transgress disclosed in 2016 may live ace of the most expensive to customary for the offending party to endeavor to mitigate amends by providing to the victim's subsc

Union Grove High learns lessons from ransomware scare - Journal Times

Bouygues Construction falls victim to ransomware - ZDNet

GEDIA