Threat Intel Flash: Sisense Data Compromise: ARC Labs Intelligence Flash

Get the Latest


COVID-19 Testing Service in US Exposes Patients’ Photos, Passports

A COVID-19 testing service run by Premier Diagnostics exposed sensitive information of more than 50,000 people by storing data on two unsecured Amazon S3 buckets. The information was unsecured for about a week, leaving plenty of time for threat actors to steal the publicly exposed data. The customers affected by the data breach are most likely to be from Utah, Nevada and Colorado according to samples from the stolen material. The information included driver’s licenses, medical insurance cards, passports and other forms of identification. If an individual received a COVID-19 test at a location that was run by Premier Diagnostics, they should be on the lookout for sophisticated and targeted phishing scams.

Analyst Notes

Threat actors can leverage stolen medical records to impersonate legitimate patients to commit various forms of fraud, including submitting fraudulent claims to health insurers without authorization. This could not only affect healthcare coverage, but also compromise safety if there’s misinformation on file that is needed for medical treatment. Anyone who may have been a victim of a medical data breach should get confirmation from their provider to find out exactly what information was stolen. Change and strengthen any online logins and implement multi-factor authentication. Asking the insurance provider for copies of claims and carefully reviewing explanation of benefits notices can reveal if a patient’s identity has been used fraudulently. This might show if inaccurate health and medical information is present in the patient’s records. Lastly, financial and credit accounts should be monitored closely, because sometimes medical insurance information is used to commit other forms of financial fraud. Placing a credit freeze on file with the credit bureaus and notifying banks or other financial institutions is helpful to prevent fraud when identity theft is suspected.