Download Our DHN Survey Result 2024
Exclusive
Realize your Healthcare’s Digital Transformation journey with ScaleHealthTech Learn More

Noida-Based Redcliffe Labs Breaches 1.2 Cr Sensitive Medical Data, Company Denies

Written by : Aishwarya Sarthe

October 30, 2023

Category Img

The uncovered database reportedly included sensitive health information, including medical diagnostic scans, test results, patient and doctor names, and details regarding whether tests were conducted at home or medical facilities.

A significant breach in the security of Noida-based Redcliffe Labs, a major Indian diagnostic center, resulted in the exposure of more than 1.2 Cr medical records, including sensitive patient information. 

The breach was discovered by cybersecurity researcher Jeremiah Fowler, who found an unprotected database housing extensive medical data.

The breach, reported last Wednesday, disclosed a trove of medical test results, diagnostic scans, and other confidential health records. Fowler confirmed that the exposed database contained approximately 12,347,297 records, totaling a substantial 7 terabytes.

In his report, Fowler revealed, "The unprotected database held a vast array of sensitive health information, including patient names, doctors' details, and specifics on whether tests were conducted at home or in medical facilities."

In addition to the medical records, the exposed database contained developmental files from Redcliffe Labs' mobile application. Fowler highlighted the potential risks associated with the exposure of such application files, citing the potential for cybercriminals to manipulate application functionality and compromise user data and device security.

He warned, "Malicious actors could exploit this data to conduct various cyberattacks, endangering user privacy and potentially identifying vulnerabilities in the application.”

Contradicting these claims, Redcliffe Labs' chief technology officer, Prabhat Pankaj, refuted any data breach allegations. Pankaj explained that the company's data is stored within private virtual clouds, inaccessible to the public, even with credentials. He said, "Our robust security framework includes encryption and regular security checks."

He added, "At Redcliffe Labs, our infrastructure is fortified with dedicated firewalls and robust security measures to safeguard our customers' data."

The Indian diagnostic center, Redcliffe Labs, offers a gamut of wellness and illness tests, has served over 2.5 million customers through in-home, medical facility, and online mobile application services. 

Despite the denial of a data breach, a folder labeled "test results" within the exposed database contained over 6 million PDF documents, raising concerns about the potential extent of the breach's impact on customers.

This breach raises important questions about the healthcare sector's security measures and vulnerabilities in safeguarding sensitive medical data, urging a more robust approach to data protection.
In response to the recent cyber attack at the All India Institute of Medical Sciences (AIIMS), the Postgraduate Institute of Medical Education and Research (PGIMER) has initiated cybersecurity audits for its Hospital Information System (HIS). 

The objective behind these audits was to uncover and address any possible vulnerabilities within PGIMER's systems, fortifying its defenses against potential cyber threats in the future.


About Chime India

The College of Healthcare Information Management Executives (CHIME) is an executive organization dedicated to serving senior digital health leaders. CHIME includes more than 5,000 members in 56 countries and two US territories and partners with over 150 healthcare IT businesses and professional services firms. CHIME enables its members and business partners to collaborate, exchange ideas, develop professionally and advocate the effective use of information management to improve the health and care throughout the communities they serve. CHIME's members are chief information officers (CIOs), chief medical information officers (CMIOs), chief nursing information officers (CNIOs), chief innovation officers (CIOs), chief digital officers (CDOs), and other senior healthcare leaders. The CHIME India Chapter became the first international chapter outside North America in 2016 and is now a community of over 70+ members in India. For more information, please visit www.chimecentral.org

ABOUT US

Digital Health News ( DHN) is India’s first dedicated digital health news platform launched by Industry recognized HealthTech Leaders. DHN Is Industry’s Leading Source Of HealthTech Business, Insights, Trends And Policy News.

DHN Provides In-Depth Data Analysis And Covers Most Impactful News As They Happen Across Entire Ecosystem Including Emerging Technology Trends And Innovations, Digital Health Startups, Hospitals, Health Insurance, Govt. Agencies & Policies, Pharmaceuticals And Biotech.

CONTACT US

© Digital Health News 2024