The website of one of India’s largest diagnostic laboratories was breached on Friday. The hackers, believed to be from India, gained access to sensitive data including medical records of more than 35,000 patients.
According to Indian Express, the HSPPL website that came under attack included roughly 40,000 files out of which 35,000 were related to patients and medical data.
The website’s administrators figured something was wrong shortly after the breach and promptly removed the entire database in an attempt to protect customers’ privacy. However, not much is known with regard to the actual volume of compromised files. Sources familiar to the matter say that the stolen info included the names of patients, their gender, age, blood test report, and lipid profile among other info.
“We have erased the entire data from our website to protect patients’ details,” said website developer Sunil Mourya.
Administrators of the website claim that the compromised data was one-year-old, adding that patients were yet to inform about the breach. Neither did they reveal if they planned to inform the affected patients (although it goes without saying that they are legally and morally obliged to do so).
Reports also have it that this is not the first time the HSPPL website has come under attack. The website was reportedly breached several times in the past. However, the company insists that there was hardly anything that they could do to prevent it. Even more alarming is that fact that there had been already two attacks before the one that led to this massive breach.
“We stopped uploading files since the website was getting hacked repeatedly. We are moving to a new system,” an official from Health Solutions said.
The company further stated investigations were on, adding that the evidence they have gathered so far point toward the involvement of an Indian who was possibly using Chinese servers.