"Millions of Patient Scans and Health Records Spilling Online Thanks to Decades-Old Protocol Bug"
Aplite researchers warn that thousands of exposed servers are leaking millions of patients' medical records and personal health information due to security flaws in a decades-old industry standard, Digital Imaging and Communications in Medicine (DICOM). This standard is designed for storing and sharing medical images. DICOM, the internationally recognized medical imaging format, is the file format for CT scans and X-ray images. DICOM images are typically stored in a PACS server, enabling medical practitioners to store patient images in a single file and share records with other medical practices. However, as Aplite discovered, security flaws in DICOM mean that many medical facilities unintentionally exposed millions of patients' private data and medical histories to the open Internet. According to Aplite's research, over 3,800 servers in more than 110 countries exposed the personal information of about 16 million patients. This article continues to discuss the research behind the exposure of sensitive information due to DICOM vulnerabilities.
Submitted by grigby1