Plastic surgery is more mainstream than it's ever been, but that doesn't mean patients are dying to have their cosmetic laundry aired in public.
Security researchers at vpnMentor discovered that about 900,000 images and invoices from cosmetic surgery imaging company NextMotion were sitting on an unsecured database in cloud storage. The exposed files included detailed invoices of procedures, as well as explicit images and 360-degree videos of patients' faces and bodies, including breasts and genitalia.
The report (via CNET) found that the breach could affect thousands of patients whose doctors use technology and software provided by NextMotion at 170 clinics around the world. The researchers discovered the vulnerable database during their "web mapping" project, which scans the internet and cloud for weaknesses.
"Our team was able to access this database because it was completely unsecured and unencrypted," the report reads.
Mashable Light SpeedWant more out-of-this world tech, space and science stories?Sign up for Mashable's weekly Light Speed newsletter.By signing up you agree to our Terms of Use and Privacy Policy.Thanks for signing up! That's contrary to NextMotion's claims on its website that "all your data is 100% secure." The culprit of the breach was a NextMotion Amazon Web Services (AWS) S3 bucket, a kind of digital cloud storage technology akin to a file folder. S3 buckets have been linked again and again to exposed databases of customer information when companies fail to secure them properly.
The researchers contacted NextMotion when they discovered the vulnerability and it has since been secured.
"We immediately took corrective steps and this same company formally guaranteed that the security flaw had completely disappeared," NextMotion writes on its website.
Cases of bungled cloud storage seem a dime a dozen these days, but the common scenario — of a company not taking the appropriate steps to obscure and secure its online databases — takes on a new and disturbing urgency when the content contains medical records and, frankly, nude photos. The images contained identifying information of patients, as well as before-and-after photos of procedures.
Even if everyone from Bella Hadid to your coworker Jill in marketing is getting a Botox brow lift, they don't necessarily want the world to know.
顶: 31849踩: 5
Plastic surgery photos and records exposed in unsecured database
人参与 | 时间:2024-09-22 13:27:05
相关文章
- Ruling bloc divided on foreign nannies' pay
- Seoul to build memorial for Korea’s government
- N. Koreans celebrate Lunar New Year with traditional food, folk games: state media
- Madrid relying on Benzema for more European glory
- Prime exclusive deal: $50 off Govee floor lamp
- 给力!华农耕地保育团队积极参与梅州特大暴雨损毁农田灾后修复工作
- US calls N.K. missile launch unacceptable, calls for consequences for Pyongyang
- Instagram makes it easier to take back hacked accounts
- [LLG] When compassion meets law: Lawyer defends goats, dogs, other helpless animals
- Brighton improve European hopes
评论专区