Cybernews reports that almost 2.7 million U.S. patients' profiles and 8.8 million appointment records have been inadvertently exposed by an unsecured MongoDB database believed to have been owned by U.S. dental marketing firm Gargle.Included in the misconfigured MongoDB instance, which has since been secured, were individuals' names, birthdates, addresses, phone numbers, emails, gender, language preferences, chart IDs, and billing information, as well as appointment records that contained timestamps, patient metadata, and institutional references, according to Cybernews researchers, who suspected that the data may have spilled from third-party service-linked internal infrastructure. With the massive data compromise potentially resulting in identity theft, insurance fraud, phishing, and social engineering campaigns, Gargle should immediately notify those impacted by the incident in compliance with the Health Insurance Portability and Accountability Act. Meanwhile, individuals who may have been affected were urged to be vigilant of suspicious emails and unauthorized medical or insurance record activity, as well as seek identity theft monitoring services.
An In-Depth Guide to Identity
Get essential knowledge and practical strategies to fortify your identity security.
As companies adopt hybrid and multicloud systems, set to dominate by 2027, according to Gartner, the complexity of securing dispersed data becomes a major concern.
Major Swedish commercial vehicle manufacturer Scania had its corporate insurance arm, Scania Financial Services, allegedly compromised by the threat actor "hensi" in an attack that resulted in the exfiltration of 34,000 confidential files, reports Cybernews.
