Earlier this week, TechCrunch reported that Meditab, a California-based software company, leaked thousands of doctor’s notes, medical records, and prescriptions daily after a security lapse left an Elasticsearch server without a password. This is the 7th time in 2019 that we have written about a company exposing data via a misconfigured Elasticsearch server.
Here are the six other orgs this year that have misconfigured Elasticsearch servers:
What happened this time?
Meditab, which describes itself as a secure online electronic medical records & practice management software, processes electronic faxes for healthcare providers. However, according to TechCrunch, its fax server, which was running an Elasticsearch database with over six million records, wasn’t properly secured. Because it lacked password protection, anyone could read the transmitted faxes in real time.
What information was exposed?
A trove of unencrypted personal information, including medical records, doctor’s notes, prescription amounts and quantities, and illness information such as blood test results. The faxes also included names, addresses, Social Security numbers and, most troubling, personal data and health information on children.
SpiderSilk, a Dubai-based cybersecurity firm, found and reported the exposed Elasticsearch server. It remains unknown whether anyone else discovered it or how long the data was exposed.
How do you ensure continuous security in your cloud and container environments?
Invest in cloud operations. This is the best way to ensure that your organization is consistently and continually mitigating this risk. Cloud operations, or “CloudOps”, is the combination of people, processes, and tools that allows organizations to consistently manage and govern cloud services at scale. Key to this is hiring and developing the right people, identifying processes that address the unique operational challenges of cloud services, and automating these processes with the right tools.
One vital tool in your CloudOps toolkit should be software that provides centralized visibility of configuration choices, real-time evaluation of these choices against security policies, and automated remediation when a policy is violated.
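As an added illustration of evaluating configuration choices against a security policy (not code from the original post or from any vendor's product), the Python below checks flat elasticsearch.yml settings for the lapse described above: a network-reachable node with no authentication. The node names and configs are constructed, and unset settings are assumed to take the pre-8.0 defaults (loopback bind, security features off).

```python
import ipaddress

# Constructed sample configs (flat elasticsearch.yml settings); not from any real host.
SAMPLE_CONFIGS = {
    "fax-index-01": "network.host: 0.0.0.0\nhttp.port: 9200\n",
    "search-02": ("network.host: 10.0.4.17\n"
                  "xpack.security.enabled: true  # auth on, TLS missing\n"),
    "dev-03": "# defaults only: loopback bind\ncluster.name: dev\n",
    "search-04": ("network.host: 10.0.4.18\nxpack.security.enabled: true\n"
                  "xpack.security.http.ssl.enabled: true\n"),
}

def parse_flat_yaml(text):
    """Parse 'key: value' lines; enough for flat elasticsearch.yml settings."""
    settings = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments
        if ":" in line:
            key, value = line.split(":", 1)
            settings[key.strip()] = value.strip().strip("'\"")
    return settings

def is_loopback(host):
    if host in ("_local_", "localhost"):
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # hostnames and other special values: treat as reachable

def evaluate(settings):
    """Return (severity, message) policy violations for one node's settings."""
    # Assumption: unset values fall back to pre-8.0 defaults.
    bind = settings.get("http.host", settings.get("network.host", "_local_"))
    exposed = not is_loopback(bind)
    auth = settings.get("xpack.security.enabled", "false").lower() == "true"
    tls = settings.get("xpack.security.http.ssl.enabled", "false").lower() == "true"
    findings = []
    if not auth:
        findings.append(("CRITICAL" if exposed else "MEDIUM",
                         "authentication disabled (xpack.security.enabled)"))
    if exposed and not tls:
        findings.append(("HIGH", "HTTP API reachable without TLS"))
    return findings

def audit(configs):
    return {name: evaluate(parse_flat_yaml(text)) for name, text in configs.items()}

if __name__ == "__main__":
    for node, findings in audit(SAMPLE_CONFIGS).items():
        for severity, message in findings or [("OK", "no violations")]:
            print(f"{node}: {severity}: {message}")
```

The findings would feed whatever alerting or remediation step the organization's process defines; this example covers only the evaluation stage.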