On December 27, Bob Diachenko of theMacKeeper Security Research team contacted DataBreaches.net to say they had discovered patient data from those two entities was exposed and that anyone could access it and acquire it without any login required.
“Tons of clinical reports, medical histories, PII and patient pictures (mostly before/after breast augmentation procedures)!” they wrote. In subsequent correspondence, Diachenkostated that there were “thousands” of patient medical histories, many very detailed and some including reference to issues such as cocaine use. The files they provided to this site as examples included the patients’ full name, date of birth, telephone number, pre-operative diagnoses, description of the procedure(s), post-operative diagnoses, and clinical notes. For...(continued)