Millions of healthcare records reportedly exposed in mega data breach

Millions of healthcare records reportedly uncovered in mega data breach

(Image credit: Shutterstock)

A non-password protected database containing millions of healthcare records and 68.53GB of medical consanguineal data has reportedly been disclosed by security research worker Jeremiah Fowler and the Web site Planet research squad.

The medical records in the exposed database apparently contain patient IDs, physician notes and other elaborate medical checkup information on patients in the US. While some of this information was encrypted, the notes and information along physicians were in solid-coloured textual matter.

The physician notes in the database provide intimate details of patient illnesses, treatments, medications, family, social and even off emotional issues. In addition to being identical complete descriptions, Fowler and the Website Planet research team were goggle-eyed by just how many small details were included in these notes.

In its report, Website Satellite warns that if the patient role IDs in the database were decrypted and the identities of patients were exposed, it would be easy to see the learned profession issues or diagnoses of the patients whose medical data was left unsecured online.

Breach or no infract?

Upon foster investigation, Fowler and the Website Planet inquiry team up disclosed multiple references to Deep6.AI including internal emails and usernames.

According to Deep6.AI's website, the company's software "identifies patients with conditions not explicitly mentioned in medical records". As a result, its software is used to find patients who break jibe the criteria for medical trials in a fraction of the time it normally takes.

In total, Fowler and the Website Major planet research team found 21m records exposing lab results and medicine details, 422m patient records and a provider indicator containing 89k records exposing Dr. name calling, internal patient ID numbers, document locations and CSV files and other possibly excitable information. The database in question was also at risk of decreasing victim to a ransomware onset as information technology was in public accessible to anyone with an internet connection.

After discovering the database, Fowler and the Web site Planet research team immediately conveyed a responsible disclosure notice to Deep6.AI and public access was restricted shortly after. However, their uncovering is yet another exemplar of how leaving a database unsecured can put raw company and drug user information at risk online.

Following the publishing of our original story, a interpreter from Deep6.AI reached out to TechRadar Pro with this statement on the matter:

"Despite recent claims, no person-to-person or unhurried health data was accessed, leaked OR at risk from a Deep 6 AI proof-of-conception database.

In August, a security researcher accessed a tryout surround that contained dummy data from MIT's Medical Information Marketplace of Intensive Care (Mimicker) system, an manufacture standard reference for DE-identified health-related psychometric test data. To confirm, no true patient information Oregon records were included in that short-lived test environment, and it was completely isolated from our production systems.

Supported current coverage, we have confirmed that the recent claims reference book MIMIC data, and there was no accession to real patient records. When the researcher notified U.S. in August, we immediately secured the psychometric test surroundings to ensure on that point was nary further concern.

Data security department and privacy is a top priority at Deep 6 AI, and the responsibility to protect data is at the core of our business and top-of-mind for wholly our people."

Haunted about your security online? Protect your devices with the best antivirus software package and your indistinguishability with the first identity theft protection

After animation and working in South Korea for seven long time, Anthony directly resides in Samuel Housto, Texas where he writes about a variety of technology topics for ITProPortal and TechRadar. He has been a technical school enthusiast for Eastern Samoa hanker as he hind end remember and has spent countless hours researching and tinkering with PCs, mobile phones and game consoles.