DeepThink Health, VScript left thousands of patients' info exposed online

Two healthcare companies, DeepThink Health and VScript, had unsecured websites that could be accessed by anyone online, according to cybersecurity organization WizCase

Across the globe, nine companies had databases that were easily accessible online. Some of the data that was exposed included prescriptions, medical observations, lab visits and Social Security numbers, as well as names and addresses. 

Upon discovering the vulnerabilities, WizCase contacted the companies.

DeepThink Health, which provides analytics and machine learning for the medical market and was formerly known as Jintel Health, had around 700,000 patient records accessible online. Patient data, including medical information, was found on an open server. Further information that was exposed included cancer treatment details, patient names, addresses and phone numbers. 

Pharmacy software provider VScript also left around 800 patient records exposed online, reports WizCase. A database that was accessible to anyone online had entries about payment transactions. Additionally, photos of drug prescriptions and medicine bottles with patients' names, addresses, phone numbers and dates of birth could be found online. 

To read the full report, click here

More articles on cybersecurity:
8 hospitals, health systems hit by ransomware attacks
Cancer Treatment Centers of America alerts 3,200 patients of data breach
Why cyberattacks can be crippling to smaller hospitals

© Copyright ASC COMMUNICATIONS 2021. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.