Thursday, February 22, 2024
-Advertisement-
Reimagining Public Sector Analytics
Reimagining Public Sector Analytics
HomeNewseHealthRedcliffe Labs exposes over 12 million patient records

Redcliffe Labs exposes over 12 million patient records

Follow Tech Observer on Google News

This exposure included names of patients and doctors, details about whether the testing sample was collected at home or a medical facility, and an extensive array of other health-related information, said cybersecurity researcher.

Google News

A senior cybersecurity researcher reported that Noida-based diagnostics service provider exposed over 12 million patient records due to a misconfigured and non-password-protected database.

“Exposed database comprised medical diagnostic scans, test results, and a wealth of sensitive medical information,” said cybersecurity researcher, Jeremiah Fowler, who first reported this to WebsitePlanet.

The database in question reportedly contained 12,347,297 records, adding up to 7 TB of data. This exposure included names of patients and doctors, details about whether the testing sample was collected at home or a medical facility, and an extensive array of other health-related information.

Fowler noted that while Redcliffe Labs' official customer base is 2.5 million, the presence of over 6 million PDF documents in a folder marked “test results” suggests the breach could have a wider impact.

Fowler's investigation further revealed that along with the patient records, development files related to Redcliffe Labs' popular mobile application were also exposed.

“Such files are crucial as they control an app's functionality and the data transmitted between the user and the host server. In the wrong hands, this information could lead to cyberattacks compromising user data, app functionality, or mobile device security,” Fowler explained.

According to cybersecurity experts, the risks associated with this kind of data exposure are manifold, including medical identity theft, ransomware attacks, and misuse of private health information. The healthcare sector, known for holding valuable data, remains a prime target for cybercriminals.

In its report, Fowler underscored the importance of cybersecurity in healthcare and recommends steps like data encryption, regular testing of data repositories, and updated security protocols. He also emphasised the need for cybersecurity training for staff and contractors and the establishment of an incident response plan.

This incident coincides with the recent implementation of the Digital Personal Data Protection Act, 2023 (DPDP Act), India's first comprehensive law. This act mandates that companies report within 72 hours and imposes significant financial penalties for non-compliance.

Fowler clarified that, as of his findings, there is no evidence to suggest that any unauthorised parties have accessed the app or patients' data. An email sent to the company by TechObserver.in is yet to be replied.

Get the day's headlines from Tech Observer straight in your inbox

By subscribing you agree to our Privacy Policy, T&C and consent to receive newsletters and other important communications.
Shalini Shukla
Shalini Shukla
Shalini Shukla is Correspondent at TechObserver.in. She has keen interest in start-ups, emerging technologies and education sector.
- Advertisement -
Reimagining Public Sector Analytics
Reimagining Public Sector Analytics
- Advertisement -Veeam
- Advertisement -Reimagining Public Sector Analytics
- Advertisement -ESDS SAP Hana

Subscribe to our Newsletter

83000+ Industry Leaders read it everyday

By subscribing you agree to our Privacy Policy, T&C and consent to receive newsletters and other important communications.
- Advertisement -

5G defence market to grow at 33.3% CAGR, reaching $3.8 billion by 2032

The global market for 5G technology in defence is projected to grow at an impressive compound annual growth rate (CAGR) of 33.3% from 2022 to 2032, according to a recent report.

RELATED ARTICLES