VMTech
+381 11 4150 20024/7 Discuss a project
← All Instagram insights VMTECH · INSTAGRAM

Vulnerability in dental software exposed other patients' medical records

Уязвимость в ПО для стоматологий раскрыла чужие медзаписи

Colleagues, cybersecurity alert: I discovered a vulnerability in the Practice by Numbers portal that exposed other patients' medical records.

I highlight:
- changing the document ID in the URL allowed access to other patients' files—IDs were sequential;
- the portal is used by ~5,000 clinics; the reporting patient received no response from the company and escalated to the media;
- the company took the portal offline on 13 April, restored it on 17 April, said it will notify

Latest comments

No comments yet.