NTreatment Exposes Unencrypted Patient Data

A security incident that was registered in late 2020 exposed thousands of patient records due to a poorly secured database.

The leaky database was spotted by TechCrunch who informed NTreatment - the owners of the database. The leaky server was not protected with a password. What's more, the records contained on it were stored in an unencrypted format and were open for viewing to anyone with a functioning browser.

There is no hard information concerning how long the exposed records were publicly accessible. However, some of the information makes it clear that a portion of the records belong to children. There were a total of around 110 thousand files on the unprotected server.

Similar security incidents happen on a more or less daily basis and have been so frequent for years. There is nothing the end user can do about this sort of issue and the only thing that can prevent similar future leaks is rigorous security training of employees who handle similar information.

The only precaution regular people can take against similar leaks is to use different passwords for any service or website they use. However, this will not protect them from their full names or telephone numbers and other personally identifiable information leaking from unprotected databases.

A big part of the issue here is that this immutable information that will remain valid for years in the case of a phone number, or even forever, in the case of a full name.

In an official statement NTreatment said that the company used the unsecured server for "general purpose storage" and provided no specific information on the length of time over which the files were exposed for public viewing and access.

December 29, 2020
Loading...

Cyclonis Backup Details & Terms

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.