September 24, 2019

OPEN SOURCE IT ALL:

Millions of Americans' Medical Images and Data Are Available on the Internet. Anyone Can Take a Peek.: Hundreds of computer servers worldwide that store patient X-rays and MRIs are so insecure that anyone with a Web browser or a few lines of computer code can view patient records. One expert warned about it for years. (SEPTEMBER 17, 2019, Governing)

Medical images and health data belonging to millions of Americans, including X-rays, MRIs and CT scans, are sitting unprotected on the internet and available to anyone with basic computer expertise.

The records cover more than 5 million patients in the U.S. and millions more around the world. In some cases, a snoop could use free software programs -- or just a typical web browser -- to view the images and private data, an investigation by ProPublica and the German broadcaster Bayerischer Rundfunk found.

We identified 187 servers -- computers that are used to store and retrieve medical data -- in the U.S. that were unprotected by passwords or basic security precautions. The computer systems, from Florida to California, are used in doctors' offices, medical-imaging centers and mobile X-ray services.

The insecure servers we uncovered add to a growing list of medical records systems that have been compromised in recent years. Unlike some of the more infamous recent security breaches, in which hackers circumvented a company's cyber defenses, these records were often stored on servers that lacked the security precautions that long ago became standard for businesses and government agencies.

"It's not even hacking. It's walking into an open door," said Jackie Singh, a cybersecurity researcher and chief executive of the consulting firm Spyglass Security. Some medical providers started locking down their systems after we told them of what we had found.

Hard to think of anything that could be more useful to researchers than open medical records.

Posted by at September 24, 2019 2:20 PM

  

« IT'S NOT A pROGRESSIVE PARTY: | Main | IN FAIRNESS TO DONALD....: »