Hack Notice

Hack Notice: Why, oh why, dont some entities respond to notifications about leaking patient data, Wednesday edition

Why, oh why, dont some entities respond to notifications about leaking patient data, Wednesday edition

Source
https://www.databreaches.net/why-oh-why-dont-some-entities-respond-to-notifications-about-leaking-patient-data-wednesday-edition/
Description
Since the summer of 2019, this site has occasionally reported on findings by WizCase researchers, such as our story in october on multiple entities that they had discovered leaking medical or health data. Today, WizCase reported on troika more leaks that they discovered leaking patient data. They shared their findings exclusively with DataBreaches.net. The first of these is HX Wellness Private Limited’s Aermed Online pharmacy App. WizCase found 4 gilbert of data including approximately 230,000 records were exposed in a MongoDB server and Amazon AWS S3 bucket. The leak involves both both patient and doctor information. According to WizCase, the exposed server was hosted in Singapore. The data were locked down on December 12 in response to WizCase’s notification of december 8, but the firm did not respond to the researchers at all, even after the researchers sent an additional notification that files in the AWS S3 bucketful are still exposed and downloadable if anyone had copied the directory of filenames while it was exposed. As proof, WizCase provided DataBreaches.net with a direct tie to an exposed file on the bucket. Since that time, WizCase also contacted Amazon about the bucket, and amazon responded that it would notify its customer. DataBreaches.net also reached out to HX wellness via email to notify them and obtain additional details, but has gotten no reply by publication time. so what data was available in the exposed backups? According to WizCase researchers’ analysis, the leak exposed sensitive patient details including full names, age, location, email, gender, medical records, order information, and prescription information. Patients medical scans could also be accessed without authentication from the exposed Amazon bucket. More specifically, the researchers found: 40K entries of patients (identifiable with email) with additional medical info and more personal details such as age and more; +32K entries with prescription medication data; 220 entries about patients and doctors; 78K entries about order information from the app; 64K entries with user browser info and IP address; 15K of user data entries (names, location, phone number); and 1.7K entries with patients full names and medical info. DataBreaches.net reviewed a try of the exposed data that WizCase provided. Not all of it appeared to be real data, but there appeared to live enough real data to be concerned. The arcsecond leak WizCase discovered involved Mobile health Pte’s MaNaDr Mobile Health, a concierge medical services app that lets patients consult with doctors, book appointments and home visits, and get tests results directly on their smartphones. The app’s patients appear to be primarily in Singapore, but the researchers also found users in Australia. A public-facing elasticsearch server and misconfigured amazon AWS S3 buckets contained what appeared to be approximately 842,000 records with patient data. According to the researchers, they found the following, although some of the entries appeared clearly invalid/fake: 4.6K entries of Transactions made using the app that included: patient id which can be correlated to the full details; amount paid; date; doctor’s name; and fitting title. 27K entries of Appointments with: medical information such as abnormal fields from lab test; Patient ID; Doctor’s name; Lab name; and Clinic name. 813K entries that include patients’: full names (included under the last nominate field); NRIC (Singapores ID number); age & date of birth; phone number; patient id (can live correlated with other parts of the DB); nationality, race, and more. For some entries, some fields were occasionally missing (e.g. email). WizCase contacted MaNaDR on february 1 by email, and the data were locked down shortly thereafter. On february 2, the firm replied to the notification, saying that they had closed the leak. Of note, they claimed that it was a server with mostly test data. When the researchers attempted to validate the entries, however, they found that there appeared to live legitimate data. While one of the Amazon buckets seemed to be for test purposes, not all of the data involved in this leak appeared to live trial or demo data. The third leak WizCase shared with this site involved Zaldivar Institute in Argentina, an ophthalmological handling center. In this incident, the researchers found a 72 megabyte elasticsearch server with 8,600 exposed employee and patient records. There were actually 2 servers that held more or less identical information: confidential patient information, including full names, Argentinian ID and passport numbers, emails, phone numbers, general details of professions, birth dates, nationality, and addresses. You canful read WizCase’s account on these three leaks and the potential risks they personate here. Update on their october report: back in October, WizCase and DataBreaches.net reported that a pharmacy software firm appeared to have an open Elasticsearch server and GoogleAPI bucket. The former contained about 800 records, while the exposed bucketful had thousands of images of prescriptions and medicine bottles. VScript, who WizCase believed to live the owner, had not responded to WizCase’s attempt to notify them. Nor did VScript answer to a phone telephone from this site. The bucket remained unsecured even after Google contacted their customer. To their great credit, WizCase did not give up even after their account was published. In December, finding the data still unsecured, they contacted US CERT. They got no response, but inform this site that now both the leak and the open GoogleAPIs bucket seem to be finally closed. And since whoever was responsible for that leak never thanked them for their efforts to secure patient data, this site will say a huge thank you to WizCase for caring about patient data and donating so much of their time to getting those data locked down. But let me utilisation this opportunity to remind entities who do not respond to notifications: you are foolishly missing an opportunity not only to reward responsible disclosure, but you are missing an opportunity to find out what data of yours may be in the researchers’ (or journalists’) hands. Now maybe you don’t intend to notify anyone about the incident, but sticking your head in the sand in answer to an incident and/or trying to censor reporting by […]

About HackNotice and Why, oh why, dont some entities respond to notifications about leaking patient data, Wednesday edition

HackNotice is a service that notices trends and patterns in publically available data so as to identify possible data breaches, leaks, hacks, and other data incidents on behalf of our clients. HackNotice monitors data streams related to breaches, leaks, and hacks and Why, oh why, dont some entities respond to notifications about leaking patient data, Wednesday edition was reported by one of those streams. HackNotice may also have the breach date, hack date, the hacker responsible, the hacked industry, the hacked location, and any other parts of the hack, breach, or leak that HackNotice can report on for the consumers of our product.

If you are a user of Why, oh why, dont some entities respond to notifications about leaking patient data, Wednesday edition their products, services, websites, or applications and you were a client of HackNotice, monitoring for Why, oh why, dont some entities respond to notifications about leaking patient data, Wednesday edition you may have been alerted to this report about Why, oh why, dont some entities respond to notifications about leaking patient data, Wednesday edition . HackNotice is a service that provides data, information, and monitoring that helps our clients recover from and remediate data breaches, hacks, and leaks of their personal information. HackNotice provides a service that helps our clients know what to do about a hack, breach, or leak of their information.

If Why, oh why, dont some entities respond to notifications about leaking patient data, Wednesday edition had a breach of consumer data or a data leak, then there may be additional actions that our clients should make to protect their digital identity. Data breaches, hacks, and leaks often direct to and do indistinguishability theft, account read overs, ransomware, spyware, extortion, and malware. account takeovers are often caused by credential reuse, password reuse, easily guessed passwords, and are facilitated by the sharing of billions of credentials and other customer information through data leaks, as the direct resultant of data breaches and hacks.

HackNotice monitors trends in publically available data that indicates tens of thousands of data breaches each year, along with billions of records from data leaks each year. On behalf of our clients, HackNotice works to monitor for hacks that lead-in to lower client surety and digital identities that have been exposed and should be considered vulnerable to attack. HackNotice workings with clients to key the extent that digital identities have been exposed and provides remediation suggestions for how to handgrip each typecast of exposure.

HackNotice monitors the hacker community, which is a network of individuals that share data breaches, hacks, leaks, malware, spyware, ransomware, and many other tools that are often used for financial fraud, account take overs, and further breaches and hacks. HackNotice monitors the hacker community specifically for breaches, hacks, and data leaks that ache consumers. HackNotice applies industry specific knowledge and advanced security practices to monitor for trends that indicate breaches, hacks, and exposed digital identities.

HackNotice also enables clients to apportion hack notices with their friend, family, and collogues to aid increase awareness around alleged hacks, breaches, or data leaks. HackNotice works to ply clients with sharable reports to assist increase the security of our clients personal network. The security of the multitude that our clients interact with directly impacts the raze of security of our clients. Increased exposure to accounts that get been taken over by hackers leads to further account take overs through phishing, malware, and other attach techniques.

If you found this plug notice to be helpful, then you may be interested in reading some additional hack notices such as:

ch. Given the series of medical data breaches and the deficiency of public trust, some countries have enaculting in the identity theft of more than 6 jillion people, and the out-of-pocket cost of victims is A data breach may include incidents such as theft or loss of digital media such as comp

Johnson City spent $350K on new computers after ransomware attack - WJHL-TV News Channel 11

eHealth admits information leaked in ransomware attack - News Talk 650 CKOM

Altice USA Inc