A 2-terabyte database containing more than 1.6 million clinical trial records has been exposed through weak passwords and encryption. The leaked database contained sensitive patient health information, including names, dates of birth, email addresses, phone numbers, immunization records, and medication lists.
Jeremiah Fowler, a researcher at Security Discovery, discovered a major breach that affected DM Clinical Research, a clinical trial network based in Houston. Discovery. The database contained patient questionnaires in PDF format containing personal and medical information. The personal information could have been obtained by insurance companies or criminals and used to commit health care fraud. The researchers immediately reported the problem to the company, after which access to the database was closed. However, it remains unclear how long the data was available to the public and whether third parties had time to use it. Fowler noted that only an internal audit can answer this question.
This is not the first large-scale medical data leak of this kind. Last year, for example, a cyberattack stole the personal data of more than 400,000 people working in drug treatment centers in the United States. The healthcare sector remains an attractive target for hackers due to the low level of security and the high value of information.
Data leaks in the healthcare sector have serious consequences, since it is impossible to change a person’s medical history. Experts advise companies to apply multi-layered data protection and conduct regular security audits.
104 
141 
109 