Plus: Iranians accused of hacking IT service providers to get at their customers
Roundup Everything is insecure and everything is broken, exhibits A through Z:
Plastic surgery biz botches storage, leaks patient records
A software vendor specializing in record-keeping tools for plastic surgery clinics poorly secured a storage bucket hosted by Amazon Web Services containing hundreds of thousands of sensitive patient photos and records.
The team at vpnMentor discovered and reported a public-facing, insecure AWS S3 bucket belonging to NextMotion. The French software developer has since taken down the database, but the exposed records were, apparently, very intimate and accessible by anyone.
"The compromised database contained 100,000s of profile images of patients, uploaded via NextMotion’s proprietary software," noted vpnMentor. "These were highly sensitive, in ..
Support the originator by clicking the read the rest link below.