Medical scans of millions of patients exposed online


Other leaked data included a range of personal information such as names, addresses and personal healthcare information.



Over 45 million medical imaging files, including X-rays and CT scans, have been found sitting on unprotected, internet-facing servers, accessible for anyone to view.


The discovery of the leaked data, from hospitals and medical centers around the world, was the result of a six-month investigation by CybelAngel's research team into Network Attached Storage (NAS) and Digital Imaging and Communications in Medicine (DICOM). The investigation uncovered millions of unique images stored on more than 2,140 unprotected servers located across 67 countries including the United States, the United Kingdom and Germany, among others.


To make matters worse, some images included dozens of lines of metadata per record, disclosing Personally Identifiable Information (PII) such as names, birth dates and addresses, as well as personal healthcare information indicating patients' height, weight, and even diagnosis.


Taken together, the data could allow threat actors to create a comprehensive portrait of their potential targets. This could lead to the affected patients becoming victims of identity theft, phishing, extortion, and financial and other types of fraud. Alternatively, cybercriminals could also sell the data on dark web marketplaces.


“This is a concerning discovery and proves that more stringent security processes must be put in place to protect how sensitive medical data is shared and stored by healthcare professionals. A balance between security and accessibility is imperative to prevent leaks from becoming a major data breach,” said David Sygula, a Senior Cybersecurity Analyst at CybelAngel.


Since some of th ..
