1. Forum
  2. tqwNet
  3. TQW GENTECH

  • Worlds largest healthcare cooperative leaks millions of patient-d

    From TechnologyDaily@1337:1/100 to All on Friday, May 30, 2025 13:15:07
    Worlds largest healthcare cooperative leaks millions of patient-doctor messages

    Date:
    Fri, 30 May 2025 12:14:00 +0000

    Description:
    Experts warn Unimed kept an open database with chat logs exposed to the wider internet.

    FULL STORY ======================================================================Cybernew s finds major database containing chat logs unsecured online The archive belongs to one of the biggest healthcare cooperatives, Unimed There is no evidence of prior abuse, it was said, but users should be on their guard

    One of the worlds biggest healthcare cooperatives kept an open database with millions of patient-doctor messages, along with plenty of sensitive
    healthcare information, documents, images, and more.

    Cybersecurity researchers from Cybernews found an exposed Kafka instance, and attributed it to Unimed.

    Subsequent investigation determined the logs were generated when patients talked to Sara, Unimeds AI-powered chatbot, as well as human doctors. Images, PII, and more

    Cybernews said its researchers were able to intercept more than 140,000 messages sent via the companys chat feature but, based on the logs of the leaking instance, at least 14 million messages could have been sent this way.

    The leak is very sensitive as it exposed confidential medical information . Attackers could exploit the leaked details for discrimination and targeted hate crimes, as well as more standard cybercrime such as identity theft, medical and financial fraud, phishing, and scams, the researchers said.

    The information exposed this way includes peoples uploaded pictures and documents, sent messages, full names, phone numbers, email addresses, and Unimed card numbers.

    While sifting through millions of messages could feel like a daunting task, feeding the archive into a Large Language Model (LLM) significantly
    simplifies the process. Threat actors could build detailed patient profiles with the help of AI, and use them to draft authentic, personalized phishing lures.

    Luckily enough, after being notified about the issue, Unimed locked the instance down.

    It claims that no one discovered it before Cybernews, and that no harm came
    of it: Unimed do Brasil informs that it has investigated an isolated
    incident, identified in March 2025, and promptly resolved, with no evidence, so far, of any leakage of sensitive data from clients, cooperative
    physicians, or healthcare professionals, the notification email reads. An in-depth investigation remains ongoing.

    A healthcare cooperative is a member-owned, nonprofit organization that provides or facilitates access to healthcare services for its members. You might also like This ancient browser security flaw affecting Safari, Chrome and Firefox is finally being fixed Take a look at our guide to the best authenticator app We've rounded up the best password managers



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/worlds-largest-healthcare-cooperative-l eaks-millions-of-patient-doctor-messages


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)