Medical Records Leaked by Transcription Service

A medical transcription service provider was notified last week by a security company monitoring its system that the company had experienced a breach and was “leaking sensitive patient medical records” affecting thousands of the physicians it served. The company took down its customer Web portal after the notification.

The company’s transcription services are used by numerous hospitals, clinics and physicians. Apparently, the section of the company’s site that physicians used to upload their audio-recorded patient notes was thought to be password protected, but it was not: it was openly accessible from the Internet. This flaw made many of the online tools used by the company’s employees accessible to anyone with a Web browser. Someone accessing the site could even “add or delete users, search for patient records by physician or patient name” without supplying any authentication.

Some of the company’s exposed pages were infected with ransomware called “White Rose.” This ransomware encrypts a victim’s files and holds them for a ransom, which is demanded in some form of virtual currency such as bitcoin.

The company’s founder and chief executive also confirmed that the company’s Wichita, Kansas location had recently been forced to rebuild its online servers due to a ransomware attack that kept its portal inoperative for almost two weeks. It is believed that the rebuild inadvertently contained the glitch that caused the recent exposure of patient records.

The number of patient records that were left exposed is unknown, but just one of the main directories that was exposed contained almost 3,000 physicians, each with a varying number of patient records.