Global Medical Data Breach:120 Million Indian Patients' Details Available On Internet For Free

In the first report which was published in October last year, the massive data leak contained images of CT scans, X-rays, MRIs and even patients' photographs.

5 Feb 2020 7:32 AM GMT / Updated : 2020-02-05T14:44:47+05:30
Global Medical Data Breach:120 Million Indian Patients

Image Credit: Pixabay (Representational Image)

A recent report published by Greenbone Sustainable Resilience, a German cybersecurity firm has revealed that over 120 million Indian patients' medical details have been leaked and made freely available on the Internet.

A month after Greenbone's initial report was published, the number of data troves containing such information went up by a massive name in the Indian context. According to the updated report, Maharashtra tops the states affected by the leak.

In the first report published October last year, the massive data leak contained images of CT scans, X-rays, MRIs and even patients' photographs.

In November, a follow-up report was published, classifying countries in the "good", "bad" and "ugly" categories based on what actions the government took after the first report was made public. After the US, India ranks second in the "ugly" category.

Two months after the first report was published, the number of pictures of patients' details rose from 105 million to 121 million, and that of data troves with patients' information went up from 6,27,000 to 1.01 million.

"It is a notable fact for the systems located in India, that almost 100 per cent of the studies (data troves) allow full access to related images," The Hindu quoted the report as stating.

The follow-up report states that Maharashtra tops the number of data troves available online - 3,08,451 troves offers access to 6,97,89,685 images - followed by Karnataka with 1,82,865 data troves giving access to 1,37,31,001 images.

"The leak is worrying because the affected patients can include anyone from the common working man to politicians and celebrities. In image-driven fields like politics or entertainment, knowledge about certain ailments faced by people from these fields could deal a huge blow to their image. The other concern is of fake identities being created using the details, which can be misused in any possible number of ways," a Maharashtra cybersecurity officer said.

"Any communication between a patient and a doctor is a privileged one," Medico-legal expert Lalit Kapoor said. "A doctor or a hospital is thus ethically, legally and morally bound to maintain confidentiality," he said.

According to Greenbone's original report, the Picture Archiving and Communications Systems (PACS) servers are not secure. These servers have the details stored in them and are linked to the public Internet without any protection, facilitating the leak.

"The fact that PACS servers are vulnerable to attack or are accessible is not new information, and there have been a number of reports on this topic in the past. No report, however, has dealt with the breadth and depth of the problem associated with unsecured PACS servers," the report states.

Also Read: Another Aadhaar Data Leak From AP Website Reveals Bank Details, Phone Numbers, Religion Of 1.3 Lakh People

Suggest a correction

    Help Us Correct

    To err is human, to help correct is humane
    Identified a factual or typographical error in this story? Kindly use this form to alert our editors
  • *
  • *
  • *
  • Form Submitted Successfully
    Error in submitting form. Try again later

Contributors

Sumanti Sen

Sumanti Sen

Digital Journalist

"I think there's just one kind of folks. Folks."

Shubhendu Deshmukh

Shubhendu Deshmukh

Digital Editor

News junky, crazy about politics, love science and technology. Hindi, Urdu poem lover.

The Logical Indian Crew

The Logical Indian Crew

contributor

Next Story