Following the news that Medical AI Database exposure of over 800 million patient records, IT security expert commented below.
<p>Entrusted with the collection and storage of highly sensitive patient and physician data, companies operating in the healthcare space have a responsibility to be hypervigilant in their security and governance practices. Similarly, healthcare service providers must hold their partners and vendors to strict security standards as well. The fact that almost 900 million records were left exposed without even basic password protection or identity authentication requirements displays a concerning lack of security guardrails. Far too often databases are unknowingly left exposed, leaving confidential patient and physician data vulnerable to malicious threat actors. Although in this instance, ethical security researchers discovered the breach and the issue was remediated thereafter, in many cases bad actors are the first to find and exploit exposed data. In order to properly secure sensitive data, organizations must take the first step of cyber asset management to discover all cyber assets in their IT environment and understand connections between business services. This allows for comprehensive visibility and management of all data in an IT environment and the security measures in place, in real time.</p>
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics