A brand new information leak has uncovered the information of hundreds of thousands of sufferers, together with their COVID-19 check outcomes. TechCrunch reported that one in every of India’s largest testing laboratories, Dr Lal PathLabs, did not safe the non-public information of hundreds of thousands of sufferers.
Dr Lal PathLabs was storing delicate affected person information on Amazon Internet Companies (AWS) with out a password, making the information accessible to all. The information was saved on the unsecured cloud server for nearly a yr.
The information included sufferers’ reserving particulars similar to their title, deal with, cellphone quantity, e-mail id, cost particulars, digital signature, and likewise the kind of medical exams that they had taken. The leaked information reportedly revealed novel coronavirus check particulars too.
The information was obtainable within the public area and accessible to all till September, when the breach was highlighted by Australia-based cybersecurity professional Sami Toivonen.
After this, Dr Lal PathLabs “rapidly shut down entry to the bucket.”
Talking concerning the main information breach, Toivonen stated: “As soon as I found this, I used to be blown away that one other publicly listed organisation had did not safe their information. I’m glad that they secured it inside just a few hours after I contacted them as a result of this type of publicity with hundreds of thousands of affected person data may very well be misused in so some ways by the malicious actors.”
A spokesperson of Dr Lal PathLabs has stated that they’re ‘investigating’ the information safety breach.
First Printed on Oct 9, 2020 08:44 pm