FBI raids home of security researcher who unearthed data breach affecting 22,000

A data software security researcher may face charges after he exposed an encryption vulnerability in a dental practice software company that compromised the data of 20,000 patients, reports The Daily Dot.

In February, Justin Shafer discovered an online File Transfer Protocol server operated by dental practice management software company Eaglesoft that contained a directory with patient data. Mr. Shafer alerted Patterson Dental, which manufactured Eaglesoft, of the publicly available patient data, according to the report.

But now, Patterson Dental is alleging Mr. Shafer "exceeded authorized access" when accessing the online server and is in violation of the Computer Fraud and Abuse Act, according to The Daily Dot.

Last week, the FBI showed up at Mr. Shafer's house and seized 29 items.

"I think it is a cowardly thing to do to my family," Mr. Shafer told The Daily Dot. "I think they owe me a thank you, and I think they owe the patients and covered entities an apology. I also feel like they should be heavily fined for storing patient data on an anonymous FTP site for years."

More articles on data breaches:

Managing insider cybersecurity risk: 5 key findings 
Unhealthy rise in healthcare privacy breaches: 5 tips to stay ahead of patient privacy threats 
Vendor misconfiguration breaches Children's National Health System patient data 

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.

 

Featured Whitepapers

Featured Webinars