- Archer Health presented 145,000 confidential files through a publicly protection database
- The leaked data included names, SSNS, diagnoses and other personal and medical information
- The database was secured after the researcher’s council; There is no dark web distribution evidence yet
Archer Health, a provider of palliative care services and in the home based in the United States, maintained a broad -protection database available on the wider Internet, filtering confidential personal and health data to anyone who knew where to look for, experts have warned.
Cybersecurity researcher Jeremiah Fowler marked the discovery for Websiteplanet After finding the database and helping him block.
Fowler found a non -encrypted database, not protected by words, containing approximately 145,000 files, including PDF, PNG and other files, and supported documents such as various evaluations, home health certifications, plans documents, high forms and other internal documents.
Blocking the downstream database
In general, these files, which and measured in 23 GB, also contained names of people, patient identification numbers, SSN, postal addresses, telephone numbers and other personal identification information (PII). Other documents contained diagnostic, treatments and other potentially sensitive health data.
Archer Health, also known as Archer Home Health/Home Health & Palliative Care) is a provider of medical services at home. The company offers specialized nursing, therapy (physical, speech, occupational), nutritional orientation, medical social work, home health assistants, wound care and more, delivered in the patient’s home.
They also provide palliative care, focused on the relief of symptoms, disease management, comfort and support for patients with serious or chronic diseases.
Shortly after Fowler contacted, the company blocked the database and thanked the researcher for the Council.
“Thank you for attracting this to our attention,” Archer Health told Fowler. “We take the data and privacy of the patient very seriously. Our team is actively investigating this issue and will address any safety problem immediately.”
Without adequate forensic analysis, it is impossible to say if someone agreed to the database before Fowler found it. There is no evidence that this database has leaked anywhere on the Dark website. In addition, we do not know how long the file remained open or who succeeded (Archer Health or a third).
