Millions of UK healthcare worker records exposed in massive software breach
- Researchers found unsecured online database with almost eight million files
- Database contained work authorization documents, national insurance numbers, certificates, and other sensitive data
- It belonged to software firm Logezy, which says the database is locked down now
Millions of healthcare workers in the United Kingdom have had their sensitive data leaked online, after a non-password-protected database was found unsecured on the internet.
Security researcher Jeremiah Fowler found a database 1.1TB in size containing almost eight million files (7,975,438), including images and .PDF files, work authorization documents, national insurance numbers, certificates, electronic signatures, timesheets, user images, and government-issued identification documents.
Furthermore, the archive contained 656 directory entries indicating different companies, the majority of which were healthcare providers, recruiting agencies, and temporary employment services.
Identity theft and other risks
Fowler determined the database belonged to Logezy, an employee management and tracking software company based in the UK.
He notified Logezy of his findings, and the company locked the database down “shortly after”.
To hunt for unprotected databases, researchers would use a specialized search engine, such as Shodan, and analyze the results.
So far, Fowler has found dozens of similar instances, including ClickBalance (more than 750 million records), DM Clinical Research (over a million clinical records), or ServiceBridge (31 million).
Without a detailed forensic analysis, it is impossible to know if a threat actor already accessed the database and exfiltrated the information found there.
It is also impossible to know for how long the archive remained unlocked, and if Logezy managed it, or a third party on its behalf.
These instances are considered a low-hanging fruit for cybercriminals. Stealing this information does not require phishing, social engineering, hunting for zero-day vulnerabilities, or exploiting unpatched endpoints.
Yet, the data inside is valuable since it’s usually up-to-date and can be used in all sorts of fraud, including wire fraud, payment scams, identity theft, and more.
If you have used Logezy in the past, it would be wise to keep a closer eye on your accounts and credit reports for potentially suspicious activity.
You might also like
Researchers found unsecured online database with almost eight million files Database contained work authorization documents, national insurance numbers, certificates, and other sensitive data It belonged to software firm Logezy, which says the database is locked down now Millions of healthcare workers in the United Kingdom have had their sensitive data…
