Is your medical imaging data safe? 4.4M files exposed online, according to new report

More than two billion files—including approximately 4.4 million medical imaging files—have been exposed online across various storage technologies, according to a new report from Digital Shadows. Approximately 4.7 million healthcare-related files overall were exposed.  

“As with all of the cases we discuss in this paper, not every single one of the exposed files is going to contain something sensitive,” according to the report. “However, the sheer amount of information exposed illustrates the extend of individuals’ privacy violations, and or regulations like HIPAA in the United States.”

The 4.4 million files represents an increase of more than 50 percent compared to a similar report released just one year ago. Digital Shadows noted that “many companies” are likely in breach of the European Union’s General Data Protection Regulation (GPDR) laws.

The Server Message Block protocol was found to be the most common technology associated with exposed files, with issues also reported involving FTP services, rsync, Amazon S3 buckets and Network Attached Storage devices.

“Not only are the ramifications of data privacy laws like GDPR significant, the exposed data gives attackers everything they need to launch personalized attacks targeting their customers, employees, and third parties,” according to a news release from Digital Shadows. “For example, Digital Shadows observed over 17 million exposed files have been encrypted by ransomware, 2 million of which by the recently discovered ‘NamPoHyu’ variant. Businesses have likely been impacted by these ransomware attacks and may not be aware.”

Of course, there are also significant risks for individuals impacted by these data breaches. Consumers do have “more power than ever” to act against these organizations, according to Digital Shadows.

“Our research shows that in a GDPR world, the implications of inadvertently exposed data are even more significant,” Harrison Van Riper, an analyst for Digital Shadows, said in the news release. “Countries within the European Union are collectively exposing over one billion files—nearly 50% of the total we looked at globally—some 262 million more than when we looked at last year. We urge all organizations to regularly audit the configuration of their public facing services.”

Michael Walter
Michael Walter, Managing Editor

Michael has more than 18 years of experience as a professional writer and editor. He has written at length about cardiology, radiology, artificial intelligence and other key healthcare topics.

Around the web

The nuclear imaging isotope shortage of molybdenum-99 may be over now that the sidelined reactor is restarting. ASNC's president says PET and new SPECT technologies helped cardiac imaging labs better weather the storm.

CMS has more than doubled the CCTA payment rate from $175 to $357.13. The move, expected to have a significant impact on the utilization of cardiac CT, received immediate praise from imaging specialists.

The all-in-one Omni Legend PET/CT scanner is now being manufactured in a new production facility in Waukesha, Wisconsin.