Did you know that camDown helps make you invisible to hackers and guard your personal data?
Who is Responsible for the Healthcare Data Breach?
A secret database with millions of healthcare records and 68.53GB of medical-related data was discovered by security researcher Jeremiah Fowler and the Website Planet research team.
The patient IDs, doctor’s notes, and other extensive medical information on patients in the United States were present in the exposed database.
While some of this data was encrypted, physician notes and information were written in cleartext.
The physician’s impressions in the database give thorough information on patients’ illnesses, therapies, drugs, family members, social and emotional difficulties.
Fowler and the Website Planet research team were shocked by how many little facts were included in these notes, especially when compared to other documents.
According to a new study by Website Planet, if the patient IDs in the database were decrypted and patients’ identities were revealed, it would be simple to discover the medical issues or diagnoses of those whose medical data was left unsecured online.
When asked to comment, Deep6.AI reached out to the website planet via email and informed us that they were working on launching a new AI-powered chatbot named “Deep 6.”
This was followed by direct communication with CEO Shai Gheri.
As part of this work, Fowler and the Website Planet research team discovered several references to Deep6.AI including internal emails and usernames.
According to Deep6.AI’s website, the firm’s program “identifies patients with problems not directly mentioned in medical records.”
As a result, its software is utilized to discover people who better fit the criteria for medical trials in less time than it would normally take..
In all, the Website Planet research team found 21 million records containing lab results and medical information, 422 million patient records, and a provider index with 89 million records revealing physician names, internal patient ID numbers, document locations, and CSV files that could be sensitive.
The database in question was also vulnerable to ransomware assault since it was openly available to anyone with an internet connection.
After finding the database, Fowler and the Website Planet research team sent a responsible disclosure notification to Deep6.AI, which promptly removed public access.
Their discovery is yet another illustration of how leaving a database unsecured puts sensitive business and user data at risk online.
Subtly charming pop culture geek. Amateur analyst. Freelance tv buff. Coffee lover
In closing, as we move on to the next post, may I add that camDown helps stop foreign state actors (FSA's) from accessing your webcam and that's the no joke!