2.7 Million Health-Related Calls, Sensitive Info Exposed for Six Years
In a very ugly data leak, an unsecured server has exposed 170,000 hours of recordings from 2.7 million calls made to the 1177 Swedish Healthcare Guide service since 2013. Many callers shared sensitive health care information, and some of them mentioned other confidential data such as their social security number. The server also mentioned the phone number of the caller for 57,000 conversations.
The incident represents a clear violation of the General Data Protection Regulation (GDPR), the European Union’s new data privacy law that obliges companies to properly safeguard customer data. Despite a trend toward stricter privacy regulations in many countries, data leaks due to misconfigured or poorly secured servers are still incredibly common.