Exclusive
scalehealthtech Realize your Healthcare’s Digital Transformation journey with ScaleHealthTech Learn More

Noida-Based Redcliffe Labs Breaches 1.2 Cr Sensitive Medical Data, Company Denies

Written by : Dr. Aishwarya Sarthe

October 30, 2023

Category Img

The uncovered database reportedly included sensitive health information, including medical diagnostic scans, test results, patient and doctor names, and details regarding whether tests were conducted at home or medical facilities.

A significant breach in the security of Noida-based Redcliffe Labs, a major Indian diagnostic center, resulted in the exposure of more than 1.2 Cr medical records, including sensitive patient information. 

The breach was discovered by cybersecurity researcher Jeremiah Fowler, who found an unprotected database housing extensive medical data.

The breach, reported last Wednesday, disclosed a trove of medical test results, diagnostic scans, and other confidential health records. Fowler confirmed that the exposed database contained approximately 12,347,297 records, totaling a substantial 7 terabytes.

In his report, Fowler revealed, "The unprotected database held a vast array of sensitive health information, including patient names, doctors' details, and specifics on whether tests were conducted at home or in medical facilities."

In addition to the medical records, the exposed database contained developmental files from Redcliffe Labs' mobile application. Fowler highlighted the potential risks associated with the exposure of such application files, citing the potential for cybercriminals to manipulate application functionality and compromise user data and device security.

He warned, "Malicious actors could exploit this data to conduct various cyberattacks, endangering user privacy and potentially identifying vulnerabilities in the application.”

Contradicting these claims, Redcliffe Labs' chief technology officer, Prabhat Pankaj, refuted any data breach allegations. Pankaj explained that the company's data is stored within private virtual clouds, inaccessible to the public, even with credentials. He said, "Our robust security framework includes encryption and regular security checks."

He added, "At Redcliffe Labs, our infrastructure is fortified with dedicated firewalls and robust security measures to safeguard our customers' data."

The Indian diagnostic center, Redcliffe Labs, offers a gamut of wellness and illness tests, has served over 2.5 million customers through in-home, medical facility, and online mobile application services. 

Despite the denial of a data breach, a folder labeled "test results" within the exposed database contained over 6 million PDF documents, raising concerns about the potential extent of the breach's impact on customers.

This breach raises important questions about the healthcare sector's security measures and vulnerabilities in safeguarding sensitive medical data, urging a more robust approach to data protection.
In response to the recent cyber attack at the All India Institute of Medical Sciences (AIIMS), the Postgraduate Institute of Medical Education and Research (PGIMER) has initiated cybersecurity audits for its Hospital Information System (HIS). 

The objective behind these audits was to uncover and address any possible vulnerabilities within PGIMER's systems, fortifying its defenses against potential cyber threats in the future.


POPULAR CATEGORIES

WEEKLY POPULAR POSTS

ABOUT US

Digital Health News ( DHN) is India’s first dedicated digital health news platform launched by Industry recognized HealthTech Leaders. DHN Is Industry’s Leading Source Of HealthTech Business, Insights, Trends And Policy News.

DHN Provides In-Depth Data Analysis And Covers Most Impactful News As They Happen Across Entire Ecosystem Including Emerging Technology Trends And Innovations, Digital Health Startups, Hospitals, Health Insurance, Govt. Agencies & Policies, Pharmaceuticals And Biotech.

CONTACT US

© Digital Health News 2024