DM Clinical Research leaks 1.6M clinical records
Learn More
DM Clinical Research, a Texas-based network of clinical trial sites operating across multiple states, was found leaking datathrough an unprotected database discovered by cybersecurity researcher Jeremiah Fowler.
The database, containing sensitive medical and personal information, was neither password-protected nor encrypted, and contained 1,674,218 records, totaling 2 terabytes of data, all stored in PDF format.
Exposed data includes:
- Names
- Birth dates
- Phone numbers
- Email addresses
- Vaccination status and specific vaccines received
- Current medications
- Health conditions
- Doctor names
- Pregnancy status
- Birth control information
- COVID-19 vaccine reactions
- Other confidential medical information
The number of affected individuals is not disclosed, but even if it's just 10% of total records that is more than 100,000.
DM Clinical Research responded to the disclosure and secured the database within hours. The company issued a statement emphasizing their commitment to data protection.
It's not clear how long the data was exposed, whether any unauthorized access occurred, and whether the database was managed directly by the company or through a third-party contractor.
