Confidential Data On 24.3m Patients Found Exposed Online

Between mid-July 2019 and early September 2019, Greenbone Networks carried out an analysis of approximately 2,300 medical image archiving systems connected to the public Internet. Greenbone’s analysis shows that several hundred PACS servers worldwide are connected to the public Internet without any kind of protection for the personal and medical data stored on them.

A considerable number of these systems even allow access to the individual image data of any patient. Greenbone Networks has now released details of this research into the security of the servers used by health providers across the world to store images of X-rays as well as CT, MRI and other medical scans.

Of the 2,300 medical image archive systems worldwide that Greenbone analysed between mid-July and early September 2019, 590 of them were freely accessible on the Internet, together containing 24.3 million data records from patients located in 52 different countries.

In the UK, approximately 1,500 patient data records are publicly accessible, as well as around 5,000 images associated with these records. In the US, the number is orders of magnitude higher, with 13.7 million data records and 45.8 million images freely accessible on the Internet.

As an estimate derived from previous attacks and investigations by various security authorities, the value of this data on the Darknet would probably be in excess of one billion US dollars.

Available data included patient names, dates of birth, dates of examination and some medical information about the reason for examination. For US patients (who make up 13.7 million of the compromised records), it also included Social Security numbers. More than 737 million images were linked to this patient data, with approximately 400 million of these accessible or easily downloadable via the Internet. In addition, 39 of these imaging servers allowed access to patient data via an unencrypted HTTP web viewer, without any level of protection.

Dirk Schrader, cyber resilience architect at Greenbone Networks, who led the research, said: “The data pertaining to millions of patients is there for anyone to access simply because of the careless configuration of these medical archiving servers.

“A significant number of these servers have no protection at all; they aren’t password protected and have no encryption. Indeed, everyday internet users could gain access to these servers with very little effort; there’s no need to write any code or deploy any specialist hacking tools... Health providers need to act now to secure their systems, not just because they could be in breach of regulations such as GDPR in the EU and HIPAA in the US, but because they are putting their patients at risk.

“This data could be used to commit identity theft, highly-specialised phishing campaigns or even for extortion, where medical information is weaponised to blackmail people in the public eye.”

Sources: HelpNetSecurity, Greenbone
