• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

Medical Service Leaks 12,000 Sensitive Patient Images

You are here: Home / General Cyber Security News / Medical Service Leaks 12,000 Sensitive Patient Images
March 23, 2022

A professional medical Q&A company provider is going through questions about its security procedures soon after a cloud misconfiguration appeared to leak sensitive pictures of 1000’s of sufferers, like infants.

A crew at Security Detectives traced the uncovered Amazon S3 bucket back to Japanese company Doctors Me. It was apparently remaining open with no authentication controls in location.

Together with other services, Medical professionals Me allows users to upload images of medical conditions for diagnosis by clinicians anonymously.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper take secure and enxrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized seller: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


Nevertheless, the cloud storage misconfiguration remaining 300,000 information at the mercy of possible destructive actors. The 30GB trove showcased around 12,000 unique illustrations or photos, which includes the faces and personal regions of small children and infants, in accordance to Safety Detectives.

If terrible actors could identify users by cross-checking visuals with social media and other platforms, it could put them at risk of blackmail, the scientists argued.

“Criminals could potentially establish Medical doctors Me shoppers and any other dependents who have their encounter or exceptional identifiable qualities (i.e. exclusive tattoos) pictured on the bucket. Hackers could also recognize customers if just one of their healthcare photographs was uploaded to numerous other platforms,” it said.

“An exposed individual could experience embarrassed and anxious about their medical issue, and could face ridicule and reputational injury must others uncover out. In some situations, exposing delicate professional medical info can finally impact someone’s own interactions, courting life, and occupation opportunities.”

It’s not crystal clear if the reside bucket was secured next its discovery. Basic safety Detectives mentioned it contacted Doctors Me and the Japanese CERT on November 21 2021. It adopted up with the CERT once again a week afterwards and AWS, and once again in December and January 2022.

The last make contact with published in the report was a CERT response on January 11 this yr, informing the analysis crew that it had contacted AWS.


Some parts of this post are sourced from:
www.infosecurity-journal.com

Previous Post: «eu proposes new bloc wide cyber security regulations EU proposes new bloc-wide cyber security regulations

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Medical Service Leaks 12,000 Sensitive Patient Images
  • EU proposes new bloc-wide cyber security regulations
  • Okta Confirms 2.5% of Customers Impacted by Lapsus Breach
  • Okta reveals full extend of LAPSUS$ breach as hackers announce hiatus
  • New Variant of Chinese Gimmick Malware Targeting macOS Users
  • Over 200,000 MicroTik Routers Worldwide Are Under the Control of Botnet Malware
  • QNAP NAS devices face fresh Deadbolt ransomware attack
  • Microsoft and Okta Confirm Breach by LAPSUS$ Extortion Group
  • Lapsus$ Data Kidnappers Claim Snatches From Microsoft, Okta
  • Background Check Company Sued Over Data Breach

Copyright © TheCyberSecurity.News, All Rights Reserved.