Care1 Exposes Nearly 5 Million Medical Records
/ 1 min read
👁️🗨️ Care1’s exposed database raises serious cybersecurity concerns. A cybersecurity researcher discovered a non-password-protected database belonging to Care1, a Canadian AI software company for optometrists, containing over 4.8 million records, including sensitive patient information. The database, totaling 2.2 TB, included eye exam documents, personal health numbers, and home addresses, posing significant privacy risks. Following the responsible disclosure, access to the database was restricted the next day. While Care1 has not confirmed any data compromise, the incident highlights the vulnerabilities in medical data management and the need for enhanced cybersecurity measures, such as encryption and multi-factor authentication, to protect sensitive health information from potential cyberattacks.
