MEDantex Healthcare Transcription Firm Accidentally Exposes Medical Records

MEDantex, a healthcare transcription service based in Wichita, Kansas, shut down its customer portal when it learned sensitive medical records for thousands of doctors were exposed online.

Physicians can upload audio notes about their patients to a MEDantex Web portal, which is supposed to be password-protected but was found by KrebsOnSecurity to be open to the public Internet. Several online tools for MEDantex employees were also exposed, including pages where anyone could add or delete users, or search for patient records by patient name or physician name, without submitting any type of authentication.

Read more about the accidental exposure of medical data by MEDantex, which is likely the result of a flawed system rebuild after a recent ransomware attack on the company, on DarkReading.

Track the strategic threats to your business with the Threat Brief, delivered to your email daily.

Subscribe Here