Home » Cyber Security News » An unprotected server exposed almost 2.7 million call recording for six years

An unprotected server exposed almost 2.7 million call recording for six years

  • Of the 2.7 million exposed call recordings, almost 57,000 call recordings have filenames containing the telephone numbers of those who called the helpline.
  • Researchers noted that the unprotected server available at nas.applion.se might have been impacted by almost 23 vulnerabilities with CVEs assigned between 2013 and 2018.

A storage server containing real-time call recordings made to the 1177 Swedish Healthcare Guide helpline for health care information was found publicly available without any password protection.

The unprotected server which was left open without a password, exposed almost 2.7 million health-related call recordings that dated back to 2013.

23 vulnerabilities in the server

Lars Dobos in a blog noted that a Shodan search query revealed that the unprotected Apache HTTP Server 2.4.7 available at nas[.]applion.se might have been impacted by almost 23 vulnerabilities with CVEs assigned between 2013 and 2018. Therefore, even if the server wouldn’t have been left publicly available, it would have been breached at some point in time.

What information was exposed?

Computer Sweden, who detected the open web server, listened to some of the call recordings to learn the extent of the leak and the damage to the public.

  • The call recordings included sensitive information about diseases and other ailments of callers.
  • Callers’ symptoms and the medications taken for previous treatments.
  • Children’s symptoms and social security numbers.

Dobis noted that of the 2.7 million exposed call recordings, almost 57,000 call recordings have filenames containing the telephone numbers of those who called the 1177 Swedish Healthcare helpline.

“The fact that the calls are recorded is in itself permitted, it may be necessary for the patient’s safety, or to be able to prove abuse, but the saved audio files should be treated with confidentiality according to the patient data law. It is also clearly the question of information that is considered as sensitive personal data according to GDPR,” the report read.

Unprotected storage server used by Medicall

The unprotected server which exposed 2.7 million call recordings was used by Medicall which is based in Hua Hin, Thailand. The call recordings that have been exposed includes calls made to Medicall which is a subcontractor to Medhelp, who receives patient calls via the 1177 Care Guide Helpline.

“We have checked this out with our IT, and what you say is completely impossible,” said Davide Nyblom, CEO at Medicall.

“This is catastrophic, it’s sensitive data. We had no idea that it was like this. We will, of course, review our systems and check out what may have happened,” said Tommy Ekström, CEO of Voice Integrate Nordic.

Firewall,Hardware Firewall,Software Firewall,Firewall India, Firewall,Network Firewall,Firewall Support,Firewall Monitoring,Firewall VPN, WAF Website Firewall,Firewall Security, Firewall India,Firewalls Provider in India

Information Security - InfoSec - Cyber Security - Firewall Providers Company in India

What is Firewall? A Firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies. At its most basic, a firewall is essentially the barrier that sits between a private internal network and the public Internet.

 

Secure your network at the gateway against threats such as intrusions, Viruses, Spyware, Worms, Trojans, Adware, Keyloggers, Malicious Mobile Code (MMC), and other dangerous applications for total protection in a convenient, affordable subscription-based service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services. Stateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols.

 

Firewall Firm is an IT Monteur Firewall Company provides Managed Firewall Support, Firewall providers , Firewall Security Service Provider, Network Security Services, Firewall Solutions India , New Delhi - India's capital territory , Mumbai - Bombay , Kolkata - Calcutta , Chennai - Madras , Bangaluru - Bangalore , Bhubaneswar, Ahmedabad, Hyderabad, Pune, Surat, Jaipur, Firewall Service Providers in India

Sales Number : +91 9582 90 7788 | Support Number : +91-9654016484
Sales Email : sales@itmonteur.net | Support Email : support@itmonteur.net

Register & Request Quote | Submit Support Ticket