1.19 billion confidential medical images available on the internet (Nov 20, 2019)
Greenbone Network research into the security of Picture Archiving and Communication Systems (PACS) servers used by health providers has revealed data records accessible online is increasing. The researchers found 1.19 billion confidential medical images were currently accessible, some containing Military personnel numbers, social security numbers, names and date of birth.
Recommendation: Missing controls form a large part of how this data breach is occuring. It is noted in the report that the controls outlined in the Health Insurance Portability and Accountability Act of 1996 (HIPPA) in the United Statesare largely missing. Organisations should check their information security practice reviews current controls, and whether or not they are in line with frameworks such as the ISO/IEC 27001 standard.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.