Plastic surgery photos and records exposed in unsecured database
Plastic surgery is more mainstream than it's ever been, but that doesn't mean patients are dying to have their cosmetic laundry aired in public.
Security researchers at vpnMentor discovered that about 900,000 images and invoices from cosmetic surgery imaging company NextMotion were sitting on an unsecured database in cloud storage. The exposed files included detailed invoices of procedures, as well as explicit images and 360-degree videos of patients' faces and bodies, including breasts and genitalia.
The report (via CNET) found that the breach could affect thousands of patients whose doctors use technology and software provided by NextMotion at 170 clinics around the world. The researchers discovered the vulnerable database during their "web mapping" project, which scans the internet and cloud for weaknesses.
"Our team was able to access this database because it was completely unsecured and unencrypted," the report reads.
That's contrary to NextMotion's claims on its website that "all your data is 100% secure." The culprit of the breach was a NextMotion Amazon Web Services (AWS) S3 bucket, a kind of digital cloud storage technology akin to a file folder. S3 buckets have been linked again and again to exposed databases of customer information when companies fail to secure them properly.
The researchers contacted NextMotion when they discovered the vulnerability and it has since been secured.
"We immediately took corrective steps and this same company formally guaranteed that the security flaw had completely disappeared," NextMotion writes on its website.
Cases of bungled cloud storage seem a dime a dozen these days, but the common scenario — of a company not taking the appropriate steps to obscure and secure its online databases — takes on a new and disturbing urgency when the content contains medical records and, frankly, nude photos. The images contained identifying information of patients, as well as before-and-after photos of procedures.
Even if everyone from Bella Hadid to your coworker Jill in marketing is getting a Botox brow lift, they don't necessarily want the world to know.
相关文章
Doosan scraps controversial Robotics
(Doosan Group)Doosan Group has officially scrapped its merger plan between Doosan Robotics and Doosa2024-09-22This fossilized butthole gives us a rare window into dinosaur sex
The Psittacosaurus specimen, from Senckenberg Museum of Natural History. Jakob Vinther, University o2024-09-22- 本报讯5月12日,石棉县王岗坪乡第一小学响应乡镇“环境整治百日攻坚”誓师大会号召,组织二十多名少先队员,带上劳动工具,参与“环境整治百日攻坚”行动。该校二十多名少先队员出发前往卫生整治区域,埋头苦干,2024-09-22
YouTube lets you create AI music that sounds like Charli XCX (with permission)
YouTube is letting you make your own AI-generated music that sounds pretty damn similar to leading p2024-09-22- 本报讯2024年秋季学期开学在即,市教育局提前谋划部署,抓细抓实控辍保学、师资优化、校园安全、后勤保障等工作,全力保障开学平稳有序。据悉,为进一步加强适龄人口失学辍学情况动态监测,市教育局建立全市适龄2024-09-22
It’s a cosmic miracle that life on Earth’s lasted this long
Toby Tyrrell is a professor of Earth System Science at the University of Southampton. This story ori2024-09-22
最新评论