1. You Are At:
  2. English News
  3. Technology
  4. Dr Lal PathLabs leaks millions of patients' sensitive data as part of major data breach: Know details

Dr Lal PathLabs leaks millions of patients' sensitive data as part of major data breach: Know details

The data belonged to millions of patients and could be accessed by anyone and even misused by people with malicious intents

India TV Tech Desk India TV Tech Desk
New Delhi Published on: October 10, 2020 10:36 IST
dr lal pathlabs, data breach, data, security, cybersecurity, dr all pathlabs expose millions of user
Image Source : PIXABAY

Dr Lal PathLabs' security lapse

As part of a major data breach, popular lab testing company in India -- Dr Lal PathLabs -- leaked millions of patients' data. The data was left exposed on a public server for months, as suggested by Australia-based security expert Sami Toivonen. Read on to know more about the data breach.

Dr Lal PathLabs data breach

It is suggested that Dr Lal PathLabs was storing its patients' personal and sensitive data on large spreadsheets that were hosted on Amazon Web Services (AWS). The data, however, wasn't password-protected and could be accessed by anyone, especially for malicious purposes.

The data belonged to millions of patients who were using Dr Lal PathLabs' services and included information on patient’s name, address, gender, date of birth and cell number, along with details about the tests being conducted by the lab. This also involved whether or not a patient is a COVID-19 positive. This However, there is no word on how long the data remained in open

Sami Toivonen discovered the security lapse in September and informed the lab testing firm of the same. While Dr Lal PathLabs blocked access to the data as a sigh of relief, it didn't respond to Toivonen.

Toivonen, in a statement to TechCrunch, said, "Once I discovered this I was blown away that another publicly-listed organization had failed to secure their data, but I do believe that security is a team sport and everyone’s responsibility. I’m glad that they secured it within a few hours after I contacted them because this kind of exposure with millions of patient records could be misused in so many ways by the malicious actors."

Dr PathLabs is currently looking into the matter, following which the company will decide its further course of action.

Latest technology reviews, news and more

Write a comment