In a concerning development, unauthorized FTP access to 1.5 terabytes of sensitive patient data from a major US healthcare provider is being offered for sale. The access includes comprehensive patient files with detailed personal information. The access type is FTP with write-download capabilities, allowing potential buyers to manipulate the data as they see fit. The data, which is 1.5 TB in size, became available on January 30, 2024.
Allegedly, The patient files contain a wealth of personal information, including addresses, patient names, dates of birth, Social Security Numbers (SSNs), gender, phone numbers, and much more. Alarmingly, the data is actively updated and edited by the company on a daily basis. Despite being listed for sale since March 2, 2024, it remains unsold. The target organization encompasses more than 50 facilities across the United States, making the potential impact of this breach extensive.
- Access Type: FTP with write-download capabilities
- Data Size: 1.5 TB
- Availability: As of January 30, 2024
- Content: Complete patient files, including addresses, patient names, dates of birth, Social Security Numbers (SSNs), gender, phone numbers, and much more
- Update: The data is actively updated and edited by the company daily. Despite being listed for sale since March 2, 2024, it remains unsold.
- Scope: The target includes more than 50 facilities across the United States
