InfoSecBulletin Cybersecurity for mankind
Cybersecurity expert, Jeremiah Fowler discovered an unsecured database containing almost 5 million records reportedly relating to Care1 — a Canadian company offering AI software solutions.
He reported to VPN mentor that the publicly exposed database was unprotected, passwordless, and not encrypted, totaling 2.2 TB. It included records in PDF format detailing patient PII, doctors’ comments, and exam images, as well as .csv and .xls spreadsheets with patients’ home addresses, Personal Health Numbers (PHN), and health details.
Russia detects first SuperCard malware attacks via NFC
Income Property Investments exposes 170,000+ Individuals record
ALERT (CVE: 2023-28771)
Zyxel Firewalls Under Attack via CVE-2023-28771 by 244 IPs
CISA Flags Active Exploits in Apple iOS and TP-Link Routers
10K Records Allegedly from Mac Cloud Provider’s Customers Leaked Online
Canada 2nd largest airlines “WestJet” investigates cyberattack disrupting internal systems
Paraguay 7.4 Million Citizen Records Leaked on Dark Web
High-Severity Flaw in HashiCorp Nomad Allows Privilege Escalation
SoftBank: Over 137,000 personal info leaked
Alert
Trend Micro Apex One Flaw Allow Attackers to Inject Malicious Code
The database and its documents indicated that the records belonged to Care1, a Canadian medical tech company that offers software and AI reporting for optometrists specializing in retina and glaucoma treatments.
In Canada, a Personal Health Number (PHN) is a unique identifier used to share a patient’s health information among healthcare providers. This lifetime identifier stays the same even if a patient’s personal circumstances change. Although the PHN alone does not directly cause financial fraud or identity theft, it can be combined with other personal details to create patient profiles.
Care1 claims its software has handled over 150,000 patient visits and partners with more than 170 optometrists. Jeremiah Fowler reported that after he sent a responsible disclosure notice, public access was restricted the next day.
The duration of the database exposure and whether others accessed it is unknown. Only an internal forensic audit can reveal any additional access or suspicious activity.
Many healthcare systems around the world now use digital records and cloud storage. A 2019 survey found that approximately 86% of Canadian family doctors used electronic medical records (EMRs).
In the United States, the FBI reported 440 cyberattacks on healthcare facilities due to ransomware in 2023 and the first half of 2024. In Canada, however, there have been only 14 major attacks since 2015 that affected patient information.
Jeremiah Fowler said, “I received a reply from an administrator immediately after my disclosure notice stating: “Thank you for bringing this to our attention. Our team is currently working on resolving this issue”.
