Exposure of Sensitive Health Data from Confidant Health

SOURCE www.wired.com
Sensitive health details of thousands of people, including audio and video of therapy sessions, were openly accessible on the internet due to an unsecured database linked to virtual medical provider Confidant Health. The exposed information included personal therapy session reports, psychiatry intake notes, medical histories, and administration documents. Confidant Health quickly shut off access to the exposed database after being alerted by a security researcher.

Key Points

  • Exposure of over 120,000 files and 1.7 million activity logs of patients' health data
  • Exposed data included personal therapy session reports, psychiatry intake notes, medical histories, and administration documents
  • Some files contained audio and video of patient sessions
  • Confidant Health took immediate action to secure the exposed database

Pros

  • Security researcher discovered the exposed data and alerted the company
  • Confidant Health quickly secured the database after being notified

Cons

  • Highly sensitive health details of patients were openly accessible on the internet
  • Risk of data being abused by malicious actors if not properly secured