The next big thing 🤦♂️
vpnmentor.com/blog/report-eh…
The developers of eHAC were using an unsecured Elasticsearch database to store over 1.4 million records from approximately 1.3 million eHAC users.
These records didn’t just expose the users. This data leak exposed the entire infrastructure around eHAC, including private records.
No. of people exposed:Approx. 1.3 m
Types of data exposed:PII data; travel information; medical records; COVID-19 status
Potential impact:Fraud; Hacking; Disinformation
Data storage format:Elasticsearch
Data yang terekspose:
- COVID-19 Test Data
- eHAC Account Data
- Individual Hospital Data
- Passenger PII Data
- PII Data From eHAC Staff
Resiko untuk pengguna
With access to a person’s passport information, date of birth, travel history, and more, hackers could target them in complex (and simple) schemes to steal their identity, track them down, scam them in person, and defraud them of thousands of dollars.
Resiko untuk rumah sakit
Perlu mulai aware dengan resiko cyber security.
Hackers could harvest data from the app on individual hospitals and their staff, using this information to target the hospitals in various phishing, fraud, and viral attacks.
Semoga data masih aman
vpnMentor ini ethical hacker, spt mas @secgron. Tdk mencuri atau jual data.
We reached out to the various parties responsible for eHAC to inform them about the vulnerability and suggest ways to secure their system.
Dimuat di sini
tvonenews.com/berita/nasiona…
Share this Scrolly Tale with your friends.
A Scrolly Tale is a new way to read Twitter threads with a more visually immersive experience.
Discover more beautiful Scrolly Tales like this.