Excerpt from Financial Express Article, Published on Oct 25, 2023
Concerns arise over a possible data breach at Redcliffe Labs as cybersecurity expert Jeremiah Fowler reveals a major security lapse. Fowler reports that a database containing over 12 million patient records, including medical diagnostic scans and test results, was left unprotected without a password.
The exposed database, which held 7 terabytes of data, could lead to severe consequences, such as medical identity theft and ransomware attacks. Redcliffe Labs, an India-based diagnostics service provider, allegedly left this sensitive information open to potential exploitation.
Fowler also disclosed that the database contained over 6 million PDF documents under the folder “test results,” raising questions about the actual number of affected customers.
Additionally, development files from Redcliffe Labs’ mobile application were found in the exposed database, which could pose a risk in the wrong hands.
Redcliffe Labs has not confirmed whether they have notified authorities or affected individuals regarding this data exposure. While Fowler does not allege wrongdoing by Redcliffe Labs, he emphasizes the need for a thorough investigation to determine the extent of access to the exposed health records and internal information.
Redcliffe Labs maintains that there has been no data breach and stresses its commitment to data security. They have implemented strict security measures, including dedicated firewalls and encryption, to safeguard customer data.
The incident underscores the vulnerability of the healthcare industry to cyberattacks due to the enduring value of personal health data to malicious actors. Healthcare records are highly sought-after on the dark web, making them a prime target for cybercriminals.
To delve deeper into this topic, please read the full article on FinancialExpress.