MongoDB database without password protection exposes prescription information of over 78,000 US patients.

vpnMentor's researchers, Noam Rotem and Ran Locar namely, have recently discovered an unprotected MongoDB database with exposed the information on 391,649 prescriptions for a drug named Vascepa - a drug used for lowering triglycerides (fats), and the personal details of over 78,000 patients who were prescribed Vascepa in the past.

The full names, addresses, phone numbers, and email addresses of the patients were some of the information that was exposed. And the information on prescribing doctor, pharmacy ID, pharmacy name, pharmacy address, National Provider Identifier number, member ID, and NABP E-Profile Number were available on the transaction details.

The database contained id codes for two companies, Constant Contact, and PSKW. “Notably, there are id codes for two other companies, Constant Contact, an email marketing platform and PSKW, the legal name for an electronic prescription program, ConntectiveRX,” researchers said in a blog.

The researchers who discovered the leaky database shared their findings with ZDNet to find the owner of the database and take it offline.

Tag : Mongodb password-policy

MongoDB database without password protection exposes prescription information of over 78,000 US patients.

Related tutorials in MongoDB database without password protection exposes prescription information of over 78,000 US patients.

Related forums in MongoDB database without password protection exposes prescription information of over 78,000 US patients.

Related news in MongoDB database without password protection exposes prescription information of over 78,000 US patients.