DM Clinical Research Data Breach Exposes Over 1.6 Million Sensitive Records
February 25, 2025
Earlier this month, cybersecurity researcher Jeremiah Fowler identified a non-password-protected database belonging to DM Clinical Research, a Texas-based clinical trial network. The database contained over 2 terabytes of information totaling 1.6 million records of potentially sensitive personal and medical information.
What Was Exposed?
According to Fowler, the exposed database allowed access to surveys and records in a PDF format that included the names of individuals. However, a limited sampling of the exposed documents revealed more sensitive personally identifiable information (PII) and protected health information (PHI), including:
- Full names
- Dates of birth
- Phone numbers and email addresses
- Vaccination statuses (including specific vaccines received)
- Current medications
- Adverse reactions to COVID-19 vaccines
- Doctor’s names
- Health conditions and medical histories
- Whether the individual was on birth control or pregnant
- The names of survey conductors
Certain highly sensitive details about mental health, and other medical conditions were also present. Fowler promptly reported the exposure to DM Clinical Research, which restricted public access within hours.
Why Medical Data Breaches Pose a Major Concern
Unlike financial data (which can be changed, such as a credit card number), personal health information is permanent. Leaked medical records can be exploited in numerous ways:
- Phishing scams – Attackers posing as medical professionals could craft targeted scams.
- Blackmail and extortion – Threat actors may try to extort people with sensitive health conditions.
- Big data exploitation – Data brokers could use this information to influence insurance premiums or medical service costs.
- Other social engineering attacks – Cybercriminals could use medical data to impersonate patients or manipulate healthcare providers.
Protect Yourself with Bitdefender Digital Identity Protection
While organizations must take steps to secure sensitive data, people must also stay vigilant against potential threats. If your personal or medical information is leaked in a data breach, Bitdefender Digital Identity Protection can help by detecting if your personal information has been exposed online or on dark web marketplaces, providing alerts about compromised credentials, and monitoring your online footprint to help you stay aware of potential risks.
tags
Author
Alina is a history buff passionate about cybersecurity and anything sci-fi, advocating Bitdefender technologies and solutions. She spends most of her time between her two feline friends and traveling.
View all postsRight now Top posts
Streamjacking Scams On YouTube Leverage CS2 Pro Player Championships to Defraud Gamers
February 20, 2025
How to Identify and Protect Yourself from Gaming Laptop Scams
February 11, 2025
Your Device ‘Fingerprint’ Will Go to Advertisers Starting February 2025
December 24, 2024
Beware of Scam Emails Seeking Donations for UNICEF or Other Humanitarian Groups
December 19, 2024
FOLLOW US ON SOCIAL MEDIA
You might also like
Bookmarks
