Connect with us

Hi, what are you looking for?

Tech & Science

Millions of patient records exposed online by leaky database

In the time of increased cyberattacks, healthcare bodies have to take particular care with patient data.

Fiji braces for more Covid-19 deaths as outbreak worsens
An outbreak of the Delta coronavirus variant is threatening Fiji's healthcare system - Copyright AFP Yasuyoshi CHIBA
An outbreak of the Delta coronavirus variant is threatening Fiji's healthcare system - Copyright AFP Yasuyoshi CHIBA

A recent Medical AI Database exposure led to over 800 million patient records being mad vulnerable to hackers. This follows on from an incident last year when millions of medical images were found exposed online.

With the recent incident, the medical records in the exposed database apparently contain patient IDs, physician notes and other detailed medical data on patients.

One area of weakness with medical records relates to a decades-old file format and industry standard known as DICOM. This was designed to make it easier for medical practitioners to store medical images in a single file and share them with other medical practices. However, the technology is not especially secure, according to TechCrunch.

According to Pravin Rasiah, VP of Product, CloudSphere, the issue highlights some inherent weaknesses with many databases.

Rasiah explains that healthcare bodies have to take particular care with patient data, noting: “Entrusted with the collection and storage of highly sensitive patient and physician data, companies operating in the healthcare space have a responsibility to be hypervigilant in their security and governance practices.”

The issue does not stop with the core body, for the principles of good data security extends out to subsidiary firms as well. Rasiah points out: “Similarly, healthcare service providers must hold their partners and vendors to strict security standards as well.”

This is apparent with the recent incident, Rasiah  finds: “The fact that almost 900 million records were left exposed without even basic password protection or identity authentication requirements displays a concerning lack of security guardrails. Far too often databases are unknowingly left exposed, leaving confidential patient and physician data vulnerable to malicious threat actors.”

The actual case did not turn out as bad as it could have done: “Although in this instance, ethical security researchers discovered the breach and the issue was remediated thereafter, in many cases bad actors are the first to find and exploit exposed data.” Nonetheless, the sequence of events could have been harmful to patients.

This means that robust security measures are needed. Here Rasiah recommends: “In order to properly secure sensitive data, organizations must take the first step of cyber asset management to discover all cyber assets in their IT environment and understand connections between business services.”

Putting this in place, Rasiah concludes: “Allows for comprehensive visibility and management of all data in an IT environment and the security measures in place, in real time.”

Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:


Unexploded ordnance is seen on a road in Severodonetsk, eastern Ukraine - Copyright AFP Ishara S. KODIKARAHere are the latest developments in the war...


Some hardline Hindu groups are claiming the famed Taj Mahal was built on the site of a shrine to Shiva - Copyright AFP Yasuyoshi...


UN data estimates that more than 620,000 Ukrainian refugees have crossed into Hungary since the invasion on February 24.


Russian troops abandoned positions near Kharkiv in haste when Ukrainian forces pushed them back towards the border - Copyright AFP PRAKASH MATHEMAOn a small...