Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the accelerated-mobile-pages domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /www/cisomagcom_810/public/wp-includes/functions.php on line 6121

Deprecated: Optional parameter $options declared before required parameter $ad is implicitly treated as a required parameter in /www/cisomagcom_810/public/wp-content/plugins/advanced-ads/classes/display-conditions.php on line 208

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the easy-digital-downloads domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /www/cisomagcom_810/public/wp-includes/functions.php on line 6121

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the edd_cfm domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /www/cisomagcom_810/public/wp-includes/functions.php on line 6121

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the edds domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /www/cisomagcom_810/public/wp-includes/functions.php on line 6121

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the edd-recurring domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /www/cisomagcom_810/public/wp-includes/functions.php on line 6121

Deprecated: Optional parameter $params declared before required parameter $secretWord is implicitly treated as a required parameter in /www/cisomagcom_810/public/wp-content/plugins/edd-2checkout/sdk/lib/Twocheckout/TwocheckoutReturn.php on line 6

Deprecated: Optional parameter $insMessage declared before required parameter $secretWord is implicitly treated as a required parameter in /www/cisomagcom_810/public/wp-content/plugins/edd-2checkout/sdk/lib/Twocheckout/TwocheckoutNotification.php on line 6

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the edd-recurring domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /www/cisomagcom_810/public/wp-includes/functions.php on line 6121

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the Newsmag domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /www/cisomagcom_810/public/wp-includes/functions.php on line 6121

Warning: Cannot modify header information - headers already sent by (output started at /www/cisomagcom_810/public/wp-includes/functions.php:6121) in /www/cisomagcom_810/public/wp-content/themes/Newsmag/functions.php on line 616

Warning: Cannot modify header information - headers already sent by (output started at /www/cisomagcom_810/public/wp-includes/functions.php:6121) in /www/cisomagcom_810/public/wp-includes/feed-rss2.php on line 8
Utah Archives - CISO MAG | Cyber Security Magazine Beyond Cyber Security Mon, 15 Mar 2021 11:40:15 +0000 en-US hourly 1 https://wordpress.org/?v=6.8.1 Unsecured Server Exposes PII of 50,000 Patients in Utah https://staging-cisomagcom.kinsta.cloud/premier-diagnostics-data-exposed/ Mon, 15 Mar 2021 11:40:15 +0000 https://staging-cisomagcom.kinsta.cloud/?p=10728 A Utah-based COVID-19 testing service, Premier Diagnostics, accidentally exposed the personally identifiable information (PII) belonging to 50,000 patients through an unsecured server. The exposé was done by Comparitech’s lead researcher Bob Diachenko, who discovered the unsecured database of Premier Diagnostics during one of his routine scans. The exposed data included patients’ sensitive information like scanned […]

The post Unsecured Server Exposes PII of 50,000 Patients in Utah appeared first on CISO MAG | Cyber Security Magazine.

]]> A Utah-based COVID-19 testing service, Premier Diagnostics, accidentally exposed the personally identifiable information (PII) belonging to 50,000 patients through an unsecured server. The exposé was done by Comparitech’s lead researcher Bob Diachenko, who discovered the unsecured database of Premier Diagnostics during one of his routine scans. The exposed data included patients’ sensitive information like scanned passport copies, medical/health insurance IDs, driver’s licenses, and so on. According to Diachenko’s investigation, the exposed data majorly belonged to people from Utah and the neighboring states of Nevada and Colorado.

About the Exposé

As per Comparitech’s blog, Diachenko found two large unsecured Amazon S3 Buckets of Premier Diagnostics, however, he was initially unaware of who they belonged to. One of these S3 buckets was named patient-images and contained 207,524 images of patients’ photo ID scans. Whereas the second S3 bucket, which was named paper-records, included a tabular database of names, dates of birth, and test sample IDs from patients who took COVID-19 tests from their 11 diagnostic centers across Utah. Giving a detailed case study of how things panned out, Comparitech published the following timeline:

  • January 25, 2021 – The first of the two databases was indexed by a search engine.
  • February 22, 2021 – Diachenko discovered the exposed data and began his investigation to identify the owner.
  • February 24, 2021 – Unable to identify the owner, Diachenko sent an alert to the Amazon Web Services security team. He received a response that the owner would be informed via internal channels.
  • February 25, 2021 – After further examination of exposed data, Diachenko identified Premier Diagnostics as the likely owner, and sent a disclosure accordingly.
  • March 1, 2021 – After several days with no response, Comparitech’s editorial team was able to establish contact with Premier Diagnostics. The data was secured later in the day.
  • March 5, 2021 – Premier Diagnostics requested additional time for security experts to review their infrastructure.

Related News:

Cybercriminals Attacked Unsecured Databases 18 Times Per Day

Doing the math, the number of images exposed was more than 200,000 however, the number of patients affected was only over 50,000. Something did not add up correctly. Comparitech reached out to Premier Diagnostics and found that “each patient is associated with four images: the front and back of a medical insurance card, and the front and back of a second ID such as a driver’s license or passport. That means roughly 52,000 patients are affected.”

The data has now been secured by Premier Diagnostics and no exploitation of the details has been registered as of now. However, the type of data exposed in this incident can lead to identity theft, phishing attacks, health insurance fraud, etc. against the patients who have been affected. Owing to this we request all the patients who have taken the COVID-19 tests at Premier Diagnostics to be alert and monitor all financial and important services associated with them that are linked with the exposed data.

Related News:

Microsoft’s Unsecured Bing Mobile App Exposes 6.5TB of Users’ Data

The post Unsecured Server Exposes PII of 50,000 Patients in Utah appeared first on CISO MAG | Cyber Security Magazine.

]]>