Millions of Americans' medical images and data are available on the Internet

[InfoSec News <alerts () infosecnews org>]

https://arstechnica.com/information-technology/2019/09/millions-of-americans-medical-images-and-data-are-available-on-the-internet/

By Jack Gillum, Jeff Kao and Jeff Larson
PROPUBLICA
9/17/2019

Medical images and health data belonging to millions of Americans, including
X-rays, MRIs, and CT scans, are sitting unprotected on the Internet and
available to anyone with basic computer expertise.

The records cover more than 5 million patients in the United States and millions
more around the world. In some cases, a snoop could use free software
programs—or just a typical Web browser—to view the images and private data, an
investigation by ProPublica and the German broadcaster Bayerischer Rundfunk
found.

We identified 187 servers—computers that are used to store and retrieve medical
data—in the US that were unprotected by passwords or basic security precautions.
The computer systems, from Florida to California, are used in doctors' offices,
medical-imaging centers, and mobile X-ray services.

The insecure servers we uncovered add to a growing list of medical records
systems that have been compromised in recent years. Unlike some of the more
infamous recent security breaches, in which hackers circumvented a company's
cyber defenses, these records were often stored on servers that lacked the
security precautions that long ago became standard for businesses and government
agencies.

[...]

--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_