A huge trove of medical records and prescriptions found exposed

[InfoSec News <alerts () infosecnews org>]

https://techcrunch.com/2019/03/17/medical-health-data-leak/

By Zack Whittaker
TechCrunch.com
March 17, 2019

A health tech company was leaking thousands of doctor’s notes, medical records, 
and prescriptions daily after a security lapse left a server without a 
password.

The little-known software company, California-based Meditab, bills itself as 
one of the leading electronic medical records software makers for hospitals, 
doctor’s offices, and pharmacies. The company, among other things, processes 
electronic faxes for healthcare providers, still a primary method for sharing 
patient files to other providers and pharmacies.

But that fax server wasn’t properly secured, according to the security company 
that discovered the data.

SpiderSilk, a Dubai-based cybersecurity firm, told TechCrunch of the exposed 
server. The exposed fax server was running a Elasticsearch database with over 
six million records since its creation in March 2018.

[...]

--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_