The open and unprotected medical record databases belonging to the management firms Carebox and HealthELT were found by MacKeeper's experts.
The databases, which were neither encrypted nor password-protected, held the confidential medical information of more than 150,000 patients.
Before the MacKeeper specialists contacted the corporations, the organizations had discovered and fixed the cybersecurity flaw.
The databases definitely held Social Security numbers and other sensitive information, therefore the experts questioned the accuracy of that claim.
Source: https://mackeeper.com/blog/data-breach-reports-2016/
TPRM report: https://scoringcyber.rankiteo.com/company/health-elt
"id": "hea42221823",
"linkid": "health-elt",
"type": "Data Leak",
"date": "06/2016",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'customers_affected': 'More than 150,000 patients',
'industry': 'Healthcare',
'name': 'Carebox',
'type': 'Management Firm'},
{'customers_affected': 'More than 150,000 patients',
'industry': 'Healthcare',
'name': 'HealthELT',
'type': 'Management Firm'}],
'attack_vector': 'Unsecured Database',
'data_breach': {'data_encryption': 'None',
'number_of_records_exposed': 'More than 150,000',
'personally_identifiable_information': 'Social Security '
'Numbers',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Medical Information',
'Social Security Numbers']},
'description': 'The open and unprotected medical record databases belonging '
'to the management firms Carebox and HealthELT were found by '
"MacKeeper's experts. The databases, which were neither "
'encrypted nor password-protected, held the confidential '
'medical information of more than 150,000 patients. Before the '
'MacKeeper specialists contacted the corporations, the '
'organizations had discovered and fixed the cybersecurity '
'flaw. The databases definitely held Social Security numbers '
'and other sensitive information, therefore the experts '
'questioned the accuracy of that claim.',
'impact': {'data_compromised': ['Medical Information',
'Social Security Numbers'],
'systems_affected': ['Medical Record Databases']},
'post_incident_analysis': {'corrective_actions': 'The organizations had '
'discovered and fixed the '
'cybersecurity flaw.',
'root_causes': 'Lack of Encryption and Password '
'Protection'},
'references': [{'source': "MacKeeper's Experts"}],
'response': {'remediation_measures': 'The organizations had discovered and '
'fixed the cybersecurity flaw.'},
'title': 'Medical Record Databases Exposure',
'type': 'Data Exposure',
'vulnerability_exploited': 'Lack of Encryption and Password Protection'}