Multiple databases belonging to the Facebook ad agency xSocialMedia have been found open exposing almost 150,000 records containing a wide variety of medical information derived from marketing campaigns run for medical malpractice lawsuits.The files were found by vpnMentor
on June 2, and which have since been secured. The exposed information was
gathered through Facebook ads placed by xSocialMedia looking for people
suffering from specific ailments that led to a variety of “injury-check.com” domains
such as https://ied-fund.injury-check.com and https://ivcfilter-risk.injury-check.com,
vpnMentor said.The ads were designed to gather medical histories which would
then be passed along to a personal injury law firm. The data collected and then
compromised included first and last name, email address, street address, phone
number, IP address, circumstances of the injury and an explanation about the
injury.“The injuries described in the database vary from combat
injuries suffered by American veterans to injuries caused by medical devices,
pesticide use, medication side-effects, and defective baby products,” vpnMentor
said.In addition to the medical information the exposed data
bases also contained information from about 300 of xSocialMedia’s clients
including their names, addresses, phone numbers and email along with some odd
tidbits such as the metrics on how their Facebook ads performed.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds