Put Your AD here!

Therapy logs, video sessions for 1.7 million American mental patients LEAKED to open web after data breach

Therapy logs, video sessions for 1.7 million American mental patients LEAKED to open web after data breach


This article was originally published on Natural News. You can read the original article HERE

Therapy logs, video sessions for 1.7 million American mental patients LEAKED to open web after data breach

Austin-based healthcare startup Confidant Health is in the news after an estimated 5.3 terabytes worth of the company's mental health data was leaked to the open web.

More than 1.7 million activity logs including psychological profiles and therapy sessions for thousands of patients, including "telehealth" audio and video files, were included in the leak, as were patient driver's licenses.

Since first getting off the ground in 2018, Confidant has been promising to build "the next-generation of virtual care" for mental health patients seeking treatment for addictions and behavioral problems. Instead, Confidant botched the security of its confidential patient files by storing them in a "non-password-protected database."

Confidant currently offers clinical services to patients in Connecticut, Florida, New Hampshire, Virginia and Texas. The Confidant Health app is available on both the iOS (Apple) and Android (Google) platforms, having been downloaded some 10,000 times in the Google Play Store.

(Related: Did you know that "nearly all" AT&T customers were hacked in a data breach earlier this summer?)

People's deepest, darkest secrets shared with the world

Cybersecurity expert Jeremiah Fowler is credited with discovering the leak. He commented that the patient audio and video files contain "some heartbreaking, really painful family trauma, personal trauma."

"It's almost like having your deepest, darkest secrets that you've told your diary revealed," he added. "It's things that you never want to get out."

As a show of respect for professional ethics, Fowler chose not to download any of the private medical information. He also did not attempt to access the password-protected databases, though he did say that a dedicated hacker could easily break in if he or she was so inclined.

"Cyber criminals have a range of tools at their disposal including brute force attacks and social engineering attempts that could potentially result in unauthorized access to those protected files and documents," Fowler further said.

What Fowler did observe as part of his investigation was a trove of publicly visible patient documents that are clearly labeled as things like psychotherapy intake notes and professional assessments on individual patient health. There are also documents outlining patient histories of mental health, substance abuse, family issues, psychiatric history and other problems.

There were also many other files included in the leak such as administrative documents and verification records, i.e., state-issued identification and insurance cards. Other files include drug tests, some with Personally Identifiable Information (PII), that show positive results for substances like cannabis and alcohol.

Much of the leaked data had been collected by Confidant's proprietary chatbots and artificial intelligence (AI), meaning robots rather than humans were in charge of it. Confidant has long bragged about its advanced chatbots and AI programs, which the company claims are pros rather than cons.

"A data-centric environment like the one we are constructing lends itself to leveraging AI to make predictive suggestions," said Confidant's co-founder Sam Arsenault Wilson in a 2022 interview. "That's where we're headed once the data reaches proper scale."

In a report he compiled for the security website vpnMentor, Fowler noted that in a random sampling of data he reviewed, the open and publicly accessible files "contained what could be considered a very serious potential risk to the personal privacy and PII of those individuals."

Of the approximately 1,000 files he personally reviewed to better understand how the data breach occurred in the first place, Fowler revealed that he "was able to view using only a web browser," meaning anyone can access the leaked files without any understanding of hacking.

Fowler made note of the fact that maintaining an exposed database of documents without password protection like Confidant has been doing is highly unusual, especially in the healthcare industry.

More related news coverage can be found at CyberWar.news.

Sources for this article include:

DailyMail.co.uk

NaturalNews.com

This article was originally published by Natural News. We only curate news from sources that align with the core values of our intended conservative audience. If you like the news you read here we encourage you to utilize the original sources for even more great news and opinions you can trust!

Read Original Article HERE



YubNub Promo
Header Banner

Comments

  Contact Us
  • Postal Service
    YubNub Digital Media
    361 Patricia Drive
    New Smyrna Beach, FL 32168
  • E-mail
    admin@yubnub.digital
  Follow Us
  About

YubNub! It Means FREEDOM! The Freedom To Experience Your Daily News Intake Without All The Liberal Dribble And Leftist Lunacy!.


Our mission is to provide a healthy and uncensored news environment for conservative audiences that appreciate real, unfiltered news reporting. Our admin team has handpicked only the most reputable and reliable conservative sources that align with our core values.