News LabCorp security lapse exposed thousands of medical documents - Printable Version +- Red Security (https://redsecurity.info/cc) +-- Forum: General (https://redsecurity.info/cc/forumdisplay.php?fid=1) +--- Forum: News (https://redsecurity.info/cc/forumdisplay.php?fid=4) +--- Thread: News LabCorp security lapse exposed thousands of medical documents (/showthread.php?tid=1377) |
LabCorp security lapse exposed thousands of medical documents - Mr.Kurd - 01-28-2020 In The Name OF Allah Al-Salam Alekum Hackers keep targeting health centers, So being a patient in life is not enough! you still at the risk of your Data being exposed. Quote:A security flaw in LabCorp’s website exposed thousands of medical documents, like test results containing sensitive health data. Quote:This latest security lapse was caused by a vulnerability on a part of LabCorp’s website, understood to host the company’s internal customer relationship management system. Although the system appeared to be protected with a password, the part of the website designed to pull patient files from the back-end system was left exposed. That unprotected web address was visible to search engines and was later cached by Google, making it accessible to anyone who knew where to look. The cached search result only returned one document — a document containing a patient’s health information. But changing and incrementing the document number in the web address made it possible to access other documents. The Source Wa Salam Alekum |