Millions of Rehab Records Exposed on Unsecured Database (cnet.com) 26
Records for potentially tens of thousands of patients seeking treatment at several addiction rehabilitation centers were exposed in an unsecured online database, an independent researcher revealed Friday. From a report: The 4.91 million documents included patients' names, as well as details of the treatments they received, according to Justin Paine, the researcher. Each patient had multiple records in the database, and Paine estimates that the records may cover about 145,000 patients. Paine notified the main treatment center, as well as the website hosting company, when he discovered the database. The data has since been made unavailable to the public. Paine found the data by typing keywords into the Shodan search engine that indexes servers and other devices that connect to the internet.
"Given the stigma that surrounds addiction this is almost certainly not information the patients want easily accessible," Paine said in a blog post that he shared with CNET ahead of publication. Paine hunts for unsecured databases in his free time. His day job is head of trust and safety at web security company Cloudflare. The find is the latest example of a widespread problem: Any organization can easily store customer data on cloud-based services now, but few have the expertise to set them up securely. As a result, countless unsecured databases sit online and can be found by anyone with a few search skills. Many of those databases are full of sensitive personal data.
"Given the stigma that surrounds addiction this is almost certainly not information the patients want easily accessible," Paine said in a blog post that he shared with CNET ahead of publication. Paine hunts for unsecured databases in his free time. His day job is head of trust and safety at web security company Cloudflare. The find is the latest example of a widespread problem: Any organization can easily store customer data on cloud-based services now, but few have the expertise to set them up securely. As a result, countless unsecured databases sit online and can be found by anyone with a few search skills. Many of those databases are full of sensitive personal data.
Another Database Breach (Score:2)
Maybe random people should create huge databases of bogus info that seems legit, and put them in non-secured places. Debase found data.
Re: (Score:1)
Crying about corporate profits when they're unregulated and blowing patient data in the wind like a cocksucking toady, that's a very right-wing faggot mindset.
Hippahahahahaha (Score:1)
Hippahahahahaha
priority: keep medical data safe (Score:3)
Re: (Score:1)
Trend? HIPAA has real teeth with consequences.
I'm surprised it's not more (Score:3)
No, No, No (Score:2)
Now we know why Amy Winehouse said that.