Redcliffe Labs apparently impacted by data leak, exposing 12 million records
A cybersecurity expert has reported a significant data leak at Redcliffe Labs, a diagnostics service provider, exposing more than 12 million patient records. The breach was caused by an exposed, non-password-protected database that contained sensitive medical data, including diagnostic scans, test results, and other potentially confidential medical records.
The incident came to light when the ransomware gang Black Cat listed Seiko on its data leak site, and it was subsequently reported to the Personal Information Protection Committee and the Tokyo Metropolitan Police. The security researcher, upon investigating that separate breach, discovered that the misconfigured database had been left open for an unknown period. The compromised data encompassed 12,347,297 records, amounting to 7 terabytes of data, including medical test results, patient and doctor names, testing locations, and various other health-related information.
This breach could lead to the misuse of private health information, medical identity theft, and potential ransomware attacks. The researcher also noted that the company's website claimed 2.5 million customers, yet the database contained over 6 million PDF documents in a folder named "test results," raising questions about the actual number of affected individuals.
Additionally, his investigation produced images of some of the exposed documents, including X-ray reports containing patients' personally identifiable information (PII), internal reimbursement documents disclosing employee names and details, and blood test records with patient names, ID numbers, detailed health data, and doctor information.
Furthermore, the breached database also contained source code and development documentation from Redcliffe Labs' mobile application, which could potentially allow malicious actors to compromise user data, application functionality, or mobile device security.
There was no indication that Redcliffe Labs' app itself was vulnerable or compromised.
It remains unclear whether Redcliffe Labs has informed the appropriate authorities or affected individuals about the data exposure. Redcliffe Labs has denied a data breach and asserted that their infrastructure is highly secure, with dedicated firewalls, private VPCs, encryption at rest, and a strong commitment to cybersecurity.