Jeremiah Fowler, a security researcher, uncovered a non-password-protected database thought to be owned by Carolina Anaesthesiology PA, a healthcare organisation based in North Carolina. This dataset included several states, had 21,344 records, and was about 7GB in size.
The data included sensitive information such as patient names, physical addresses, phone numbers, and email addresses, as well as insurance coverage details, anaesthesia summaries, diagnoses, family medical histories, and doctor’s notes.
According to the researcher, there were files labelled ‘Billing and Compliance Reports’, which indicates the sort of data contained. While there is no proof that the database fell into criminal hands, the vulnerability of the unsecured database might expose numerous people to social engineering attacks such as phishing, identity theft, or fraud.
The dataset included a “detailed analysis and key metrics related to medical billing and healthcare services provided,” according to the researcher. However, the healthcare company that was contacted stated that it did not own or manage
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: