Governance & Risk Management , IT Risk Management , Next-Generation Technologies & Secure Development
Researcher Says Data on 3.1 Million Patients Exposed. Did 'Meow Bot' Fix the Problem? Marianne Kolbasuk McGee (HealthInfoSec) • August 12, 2020While the exposure of insecure databases on the internet is relatively common, a recent incident featured an unusual twist - the data was mysteriously deleted.
See Also: How To Cut Through The Web Of Insurance Fraud
In a blog Tuesday, independent security researcher Volodymyr "Bob" Diachenko writes of his discovery on July 13 of an unprotected database with information on 3.1 million patients that was exposed to the internet. The database appears to be owned by Adit, a Houston-based online medical appointment and patient management software company.
In an unusual development, on July 22, the database appears to have been deleted by a so-called "meow bot," the researcher says. "Unlike other malicious bots that find and delete exposed data, a meow bot doesn't ask for a ransom, which has led some to believe the bot is actually benevolent and aims to protect data subjects' information," he writes.
Exposed Data
The unsecured Adit database included patient names, email addresses, phone numbers and the practices where patients receive treatment, Diachenko says. It was exposed on the web without a password or any other auth ..
Support the originator by clicking the read the rest link below.
