2 min read

Leaky Server at Indian Healthcare Provider Exposes Covid Results and PII of 1.7 Million People

Alina BÎZGĂ

September 26, 2022

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Leaky Server at Indian Healthcare Provider Exposes Covid Results and PII of 1.7 Million People

Since July 2, the unsecured database of an Indian healthcare software provider has been leaking Covid antigen results paired with other personally identifiable information (PII) of 1.7 million citizens and foreign nationals online.

Security researcher Anurag Sen discovered the leaky server while scanning for misconfigured databases on Shodan. The researcher uncovered over 23 GB of PII, including medical records from individuals who traveled to or from India during the Covid-19 pandemic.

Exposed data includes:

  • Full names, gender, date of birth and nationality
  • Contact information including phone numbers and physical addresses
  • Vote ID numbers, passport numbers and Aadhaar numbers
  • Underlying medical conditions, Covid test results and vaccine details

The server remains exposed despite multiple attempts to contact the company.

Associated risks for victims

Although it remains unclear whether threat actors also gained access to the treasure trove of data found on the unsecured server, the sensitive nature of the user entries exposes unsuspecting users to targeted phishing attacks and identity theft that could lead to further exposure of data and financial losses.

Still, the researcher is protecting the identity of the company to ensure that malicious individuals won’t go after the data to hold it for ransom or trade it on dark web marketplaces.

Steps data breach victims can take to protect their finances and identity

It’s only a matter of time before your personal data is reported in a data breach or leaked on the dark web. To limit the chances of becoming just another data breach statistic or identity theft victim, always follow these steps:

  • Change your passwords and enable two-factor authentication for all accounts that use the same login credentials as the breached platform
  • Monitor your credit report and financial accounts
  • Place a fraud alert on your credit report
  • Consider a security freeze on your credit file
  • Watch out for unsolicited emails, texts or phone calls that ask you to provide sensitive data or confirm financial data, especially if they are tied to a security incident
  • Use a security solution to safeguard your device against malicious attacks and fraudulent links

Has your data been exposed in a data breach? Find out today with Bitdefender Digital Identity Protection, a dedicated privacy tool that keeps you on top of data breaches and leaks with 24/7 data breach monitoring and real-time alerts for privacy threats.

Consumers in the US can fend off identity theft and fraud by subscribing to our dedicated Identity Theft Protection service that offers real-time fraud, data breach and credit monitoring, SSN tracker and support of our #1-rated experts including insurance of up to $2 million.

tags


Author



Right now

Top posts

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August 31, 2022

4 min read
Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

August 30, 2022

2 min read
What is medical identity theft and how to protect against it

What is medical identity theft and how to protect against it

July 27, 2022

2 min read
Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

July 07, 2022

5 min read
Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

June 28, 2022

2 min read
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

June 28, 2022

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

500 million WhatsApp mobile phone numbers are up for grabs on the dark web 500 million WhatsApp mobile phone numbers are up for grabs on the dark web
Alina BÎZGĂ

November 25, 2022

2 min read
How to monitor your online privacy during your Thanksgiving trip How to monitor your online privacy during your Thanksgiving trip
Alina BÎZGĂ

November 22, 2022

3 min read
Elasticsearch server actively scraping Mastodon user data; over 150,000 individuals exposed so far Elasticsearch server actively scraping Mastodon user data; over 150,000 individuals exposed so far
Alina BÎZGĂ

November 21, 2022

1 min read