Lyfebin

Healthcare startup Lyfebin exposed 1000 medical imaging files, such as X-rays, MRI scans, and ultrasounds.

The files were found stored in an unprotected Amazon Web Services (AWS) storage bucket, without a password, allowing anyone who knew the easy-to-guess web address access to the data.

The storage bucket contained more than 93,000 files many appeared to be duplicates containing medical scans.

Our additional inquiries, such as how long the bucket was exposed, went unanswered by Lyfebin.

The business will not indicate if it intended to notify customers of the security breach.

Source: https://techcrunch.com/2019/12/20/lyfebin-medical-imagees-exposed/

TPRM report: https://scoringcyber.rankiteo.com/company/lyfebin

"id": "lyf2358523",
"linkid": "lyfebin",
"type": "Data Leak",
"date": "12/2019",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"

{'affected_entities': [{'industry': 'Healthcare',
                        'name': 'Lyfebin',
                        'type': 'Healthcare Startup'}],
 'attack_vector': 'Unprotected AWS Storage Bucket',
 'data_breach': {'data_encryption': 'No',
                 'file_types_exposed': ['X-rays', 'MRI scans', 'Ultrasounds'],
                 'number_of_records_exposed': 1000,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': 'Medical imaging files'},
 'description': 'Healthcare startup Lyfebin exposed 1000 medical imaging '
                'files, such as X-rays, MRI scans, and ultrasounds. The files '
                'were found stored in an unprotected Amazon Web Services (AWS) '
                'storage bucket, without a password, allowing anyone who knew '
                'the easy-to-guess web address access to the data. The storage '
                'bucket contained more than 93,000 files many appeared to be '
                'duplicates containing medical scans.',
 'impact': {'data_compromised': ['Medical imaging files',
                                 'X-rays',
                                 'MRI scans',
                                 'Ultrasounds'],
            'systems_affected': ['AWS Storage Bucket']},
 'post_incident_analysis': {'root_causes': 'Misconfigured AWS Storage Bucket'},
 'references': [{'source': 'Cyber Incident Description'}],
 'title': 'Lyfebin Medical Imaging Files Exposure',
 'type': 'Data Exposure',
 'vulnerability_exploited': 'Misconfigured AWS Storage Bucket'}

Lyfebin

Rev-A-Shelf

DMC Consolidated, Inc.

Mid-America Apartment Communities