Confidential Data On 24.3m Patients Found Exposed Online

Between mid-July 2019 and early September 2019, Greenbone Networks carried out an analysis of approximately 2,300 medical image archiving systems connected to the public Internet.  Greenbone’s analysis shows that several hundred PACS servers worldwide are connected to the public Internet without any kind of protection for the personal and medical data stored on them. 

A considerable number of these systems even allow access to the individual image data of any patient. Now Greenbone Networks has released details of this new research in to the security of the servers used by health providers across the world to store images of X-rays as well as CT, MRI and other medical scans.

Of the 2,300 medical image archive systems worldwide that Greenbone analysed between mid-July and early September 2019, 590 of them were freely accessible on the Internet, together containing 24.3 million data records from patients located in 52 different countries.

In the UK, approximately 1,500 patient data records are publicly accessible, as well as around 5,000 images associated with these records. In the US, the number is orders of magnitude higher with 13.7 million data sets and 45.8 million images freely accessible on the internet. 

As an estimate derived from previous attacks and investigations by various security authorities, the value of this data on the Darknet would probably be in excess of one billion US dollars. 

Available data included patient names, dates of birth, dates of examination and some medical information about the reason for examination. For US patients (which make up 13.7 million of the compromised records), it also included Social Security numbers. More than 737 million images were linked to this patient data, with approximately 400 millions of these accessible or easily downloadable via the internet. In addition, 39 of these imaging servers allowed access to patient data via an unencrypted HTTP web viewer, without any level of protection.

Dirk Schrader, cyber resilience architect at Greenbone Networks who lead the research has said: “The data pertaining to millions of patients is there for anyone to access simply because of the careless configuration of these medical archiving servers. 

“A significant number of these servers have no protection at all, they aren’t password protected and have no encryption. Indeed, everyday internet users could gain access to these servers with very little effort, there’s no need to write any code or deploy any specialist hacking tools..... Health providers need to act now to secure their systems, not just because they could be in breach of regulations such as GDPR in the EU and HIPAA in the US, but because they are putting their patients at risk. 

“This data could be used to commit identity theft, highly-specialised phishing campaigns or even for extortion, where medical information is weaponised to blackmail people in the public eye.”

HelpNetSecurity:             Greenbone:

You Might Also Read:

Healthcare Organisations In The Cloud:

The Dangers Of Internet-of-Things In Healthcare:

 

« By 2021 The Cost Of Cybercrime Will Be $6 Trillion
New US Cyber Attacks On Iran »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Blue Frost Security

Blue Frost Security

Blue Frost Security provides high-level IT security consulting, penetration testing services, ISO 27001 Solutions, PCI compliance solutions and training.

GlobalSign

GlobalSign

GlobalSign is an identity services company providing cloud-based, PKI solutions for enterprises needing to conduct safe commerce, communications, content delivery and community interactions.

ISACA Conferences

ISACA Conferences

ISACA is dedicated to offering the most dynamic and inclusive conferences to keep you abreast of the latest advances in IT and Information Security.

Fraunhofer Institute for Secure Information Technology (SIT)

Fraunhofer Institute for Secure Information Technology (SIT)

Fraunhofer SIT is a research centre specialising in all areas of IT security.

Cipher Tooth

Cipher Tooth

CipherTooth is a superior system for delivering secure content over the Internet.

New Zealand Internet Task Force (NZITF)

New Zealand Internet Task Force (NZITF)

The New Zealand Internet Task Force (NZITF) is a non-profit with the mission of improving the cyber security posture of New Zealand.

Cybercrime Investigation & Coordinating Center (CICC)

Cybercrime Investigation & Coordinating Center (CICC)

The Cybercrime Investigation and Coordinating Center (CICC) is an attached agency of the Philippines Department of Information and Communications Technology (DICT).

Wynyard Group

Wynyard Group

Wynyard Group is a niche, technology-driven company specializing in Integrated Border Security solutions for enhanced public safety.

Silicon Cloud International

Silicon Cloud International

Silicon Cloud is a high performance and secure cloud computing platform for engineering and scientific applications.

SecureStack

SecureStack

SecureStack helps software developers find security & scalability gaps in their web applications and offers ways to fix those gaps without forcing those developers to become security experts.

Senteon

Senteon

Senteon is a turnkey cybersecurity platform designed to make securing confidential data affordable, understandable, and streamlined for small-to-mid sized businesses and MSPs.

RealTyme

RealTyme

RealTyme is a secure communication and collaboration platform with privacy and human experience at its core.

Telesign

Telesign

Telesign connect, protect, and defend online experiences with sophisticated digital identity and programmable communications solutions.

Lodestone

Lodestone

Lodestone partners with clients to help them mitigate business and reputational risk, through our human-based, approach to cyber security, digital forensics and incident response.

Muscope Cybersecurity

Muscope Cybersecurity

Muscope CYSR platform performs a risk assessment and offers a comprehensive overview of the potential cyber attack risks.

BreakPoint Labs

BreakPoint Labs

BreakPoint Labs is dedicated to providing the methods and means for sustainable, measurable, and effective cybersecurity operations.