• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

Medical Service Leaks 12,000 Sensitive Patient Images

You are here: Home / General Cyber Security News / Medical Service Leaks 12,000 Sensitive Patient Images
March 23, 2022

A professional medical Q&A company provider is going through questions about its security procedures soon after a cloud misconfiguration appeared to leak sensitive pictures of 1000’s of sufferers, like infants.

A crew at Security Detectives traced the uncovered Amazon S3 bucket back to Japanese company Doctors Me. It was apparently remaining open with no authentication controls in location.

Together with other services, Medical professionals Me allows users to upload images of medical conditions for diagnosis by clinicians anonymously.

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


Nevertheless, the cloud storage misconfiguration remaining 300,000 information at the mercy of possible destructive actors. The 30GB trove showcased around 12,000 unique illustrations or photos, which includes the faces and personal regions of small children and infants, in accordance to Safety Detectives.

If terrible actors could identify users by cross-checking visuals with social media and other platforms, it could put them at risk of blackmail, the scientists argued.

“Criminals could potentially establish Medical doctors Me shoppers and any other dependents who have their encounter or exceptional identifiable qualities (i.e. exclusive tattoos) pictured on the bucket. Hackers could also recognize customers if just one of their healthcare photographs was uploaded to numerous other platforms,” it said.

“An exposed individual could experience embarrassed and anxious about their medical issue, and could face ridicule and reputational injury must others uncover out. In some situations, exposing delicate professional medical info can finally impact someone’s own interactions, courting life, and occupation opportunities.”

It’s not crystal clear if the reside bucket was secured next its discovery. Basic safety Detectives mentioned it contacted Doctors Me and the Japanese CERT on November 21 2021. It adopted up with the CERT once again a week afterwards and AWS, and once again in December and January 2022.

The last make contact with published in the report was a CERT response on January 11 this yr, informing the analysis crew that it had contacted AWS.


Some parts of this post are sourced from:
www.infosecurity-journal.com

Previous Post: «eu proposes new bloc wide cyber security regulations EU proposes new bloc-wide cyber security regulations
Next Post: Chinese ‘Mustang Panda’ Hackers Spotted Deploying New ‘Hodur’ Malware chinese 'mustang panda' hackers spotted deploying new 'hodur' malware»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • How To Comply With The Cyber Insurance MFA Checklistwww.silverfort.comMulti-Factor AuthenticationLearn how to comply with the checklist of resources requiring MFA coverage in cyber insurance policies.
  • Russian Turla Hackers Hijack Decade-Old Malware Infrastructure to Deploy New Backdoors
  • WhatsApp Unveils Proxy Support to Tackle Internet Censorship
  • Hackers Using CAPTCHA Bypass Tactics in Freejacking Campaign on GitHub
  • Blind Eagle Hacking Group Targets South America With New Tools
  • US Family Planning Non-Profit MFHS Confirms Ransomware Attack
  • Microsoft Reveals Tactics Used by 4 Ransomware Families Targeting macOS
  • Dridex Malware Now Attacking macOS Systems with Novel Infection Method
  • Cyber attacks on UK organisations surged 77% in 2022, new research finds
  • WhatsApp to combat internet blackouts with proxy server support

Copyright © TheCyberSecurity.News, All Rights Reserved.