There have been reports of leaking data of millions of patients of Dr Lal PathLabs, India’s largest diagnostic chain. These data were leaked from a server which was not secure. These included patients’ contact details to reports.
When a cyber expert Sami Toivonen warned the company about this, then the company stopped this exposure within a few hours. But one data leaked through unsecured servers for about a year.
Sami Toivonen, who lives in Melbourne, said the number of patients whose data was leaked could be in the millions. Data for the beginning of the year 2019 were also available.
Kovid-19 data also leaked!
According to the expert, the booking details of patients, their name, gender, address, phone number, e-mail ID, digital signature, limited payment details, doctor details, details of their tests have all been leaked. According to a report by Tech Trump, many data also revealed whether the patient is Kovid-19 positive or not.
How was the leak?
Significantly, on behalf of Dr. Lal Pathlabs, these data were being hosted on Amazon Web Services and were not password protected. Anyone can access these data easily. Toivonen said that it is not yet clear how long this data remained available in the open and whether these data have reached the unwanted elements. He said that it can be misused in many ways.
What Dr LalPathLabs said
A spokesperson for Dr. Lal Pathlabs admitted that the data had been leaked. He said that some temporary records were kept in a bucket of server for working purposes. But this is just 0.5 percent of our record. As soon as we came to know about this exposure, it was resolved immediately.