Confidential Data On 24.3m Patients Found Exposed Online

Between mid-July 2019 and early September 2019, Greenbone Networks carried out an analysis of approximately 2,300 medical image archiving systems connected to the public Internet.  Greenbone’s analysis shows that several hundred PACS servers worldwide are connected to the public Internet without any kind of protection for the personal and medical data stored on them. 

A considerable number of these systems even allow access to the individual image data of any patient. Now Greenbone Networks has released details of this new research in to the security of the servers used by health providers across the world to store images of X-rays as well as CT, MRI and other medical scans.

Of the 2,300 medical image archive systems worldwide that Greenbone analysed between mid-July and early September 2019, 590 of them were freely accessible on the Internet, together containing 24.3 million data records from patients located in 52 different countries.

In the UK, approximately 1,500 patient data records are publicly accessible, as well as around 5,000 images associated with these records. In the US, the number is orders of magnitude higher with 13.7 million data sets and 45.8 million images freely accessible on the internet. 

As an estimate derived from previous attacks and investigations by various security authorities, the value of this data on the Darknet would probably be in excess of one billion US dollars. 

Available data included patient names, dates of birth, dates of examination and some medical information about the reason for examination. For US patients (which make up 13.7 million of the compromised records), it also included Social Security numbers. More than 737 million images were linked to this patient data, with approximately 400 millions of these accessible or easily downloadable via the internet. In addition, 39 of these imaging servers allowed access to patient data via an unencrypted HTTP web viewer, without any level of protection.

Dirk Schrader, cyber resilience architect at Greenbone Networks who lead the research has said: “The data pertaining to millions of patients is there for anyone to access simply because of the careless configuration of these medical archiving servers. 

“A significant number of these servers have no protection at all, they aren’t password protected and have no encryption. Indeed, everyday internet users could gain access to these servers with very little effort, there’s no need to write any code or deploy any specialist hacking tools..... Health providers need to act now to secure their systems, not just because they could be in breach of regulations such as GDPR in the EU and HIPAA in the US, but because they are putting their patients at risk. 

“This data could be used to commit identity theft, highly-specialised phishing campaigns or even for extortion, where medical information is weaponised to blackmail people in the public eye.”

HelpNetSecurity:             Greenbone:

You Might Also Read:

Healthcare Organisations In The Cloud:

The Dangers Of Internet-of-Things In Healthcare:

 

« By 2021 The Cost Of Cybercrime Will Be $6 Trillion
New US Cyber Attacks On Iran »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Phoenix Contact Cyber Security

Phoenix Contact Cyber Security

Phoenix Contact Cyber Security is a leading manufacturer of network security appliances for use in industrial environments.

ManagedMethods

ManagedMethods

ManageMethods Cloud Access Monitor is the only Cloud Access Security Broker (CASB) that can be deployed in minutes, with no special training, and with no impact on users or networks.

iLand

iLand

iland is a global cloud service provider of secure and compliant hosting for infrastructure (IaaS), disaster recovery (DRaaS), and backup as a service (BaaS).

HYAS Infosec

HYAS Infosec

HYAS is a highly skilled information security firm developing the next generation of information security technology.

Safe Security

Safe Security

Safe Security (formerly Lucideus) provides Cyber risk assessment services and platforms to multiple Fortune 500 companies and governments across the globe.

Kippeo Technologies

Kippeo Technologies

Kippeo is a security systems integrator providing innovative solutions that look at all the parameters and connect all the dots.

Industrial Cybersecurity Center (CCI)

Industrial Cybersecurity Center (CCI)

CCI is the first center of its kind that comes from industry without subsidies, independent and non-profit, to promote and contribute to the improvement of Industrial Cybersecurity.

TierPoint

TierPoint

TierPoint delivers secure, reliable, and connected infrastructure solutions at the internet’s edge. We meet you where you are in your journey to solve for data storage, compute, and recovery.

Edureka

Edureka

Edureka is an online technology training provider with the most effective learning system in the world. We help professionals learn trending technologies for career growth.

RedLegg

RedLegg

RedLegg is a master provider of information security services, a boutique, nimble, old-fashioned customer service company that enjoys the technology battlefield.

Support Link Technologies (SLT)

Support Link Technologies (SLT)

Support Link Technologies are an IT Solutions Company committed to achieving customer satisfaction through excellent customer service.

Liminal

Liminal

Liminal is a boutique strategy advisory firm serving digital identity, fintech, and cybersecurity clients, and the private equity / venture capital community.

Banyax

Banyax

Banyax provides 24×7 real-time Cyber Defense Center Services using the latest technology tools to provide state-of-the-art defense.

HIFENCE

HIFENCE

HIFENCE delivers cybersecurity and networking services that make your company safer and more secure. That’s all we do, so you can concentrate on all the things that you do best.

ThreatER

ThreatER

ThreateER (formerly ThreatBlockr / Bandura Cyber) is a cybersecurity platform that provides active network defense by automating the discovery, enforcement, and analysis of cyber threats at scale.

Forensic IT

Forensic IT

Forensic IT is a specialised cyber security firm with expertise in Digital Forensics and Incident Response (DFIR).