400 Million Medical Radiological Images Exposed on the Internet
A recent study by Greenbone Networks uncovered 590 unprotected Picture Archiving and Communication System (PACS) servers across 52 countries that left a total of 24.3 million patient records exposed to the Internet. Healthcare organizations use PACS to store medical data from imaging devices like X-Ray, CT, or MRI machines.
The leaky databases were found as part of an analysis of 2,300 PACS servers. The exposed information included full names, dates of birth and information about medical examinations including the date, scope and type of imaging procedure as well as the names of attending physicians and the medical institute. Data of this kind could be used by threat actors to launch convincing spear phishing campaigns.