Illustration: Aïda Amer/Axios
The medical records of more than 5 million Americans and even more people globally — including X-rays, MRIs and CT scans — are vulnerable targets to even the simplest cybersecurity threats, ProPublica and German broadcaster Bayerischer Rundfunk found.
Why it matters: Because of the sensitivity of some of these records, patients face potential devastation if their images are hacked.
- "Medical knowledge can be used against you in malicious ways: to shame people, to blackmail people," Cooper Quintin, a security researcher and senior staff technologist with the Electronic Frontier Foundation, told ProPublica. "This is so utterly irresponsible."
- In some cases, a free software program or basic lines of computer code could access images and private data.
What they found:
- More than 13.7 million medical tests in the U.S. were available online, including more than 400,000 from X-rays and other images that could be downloaded.
- Large hospital chains and academic medical centers seemed to have better protections in place. Most of the cases of unprotected data the report found involved "independent radiologists, medical imaging centers or archiving services."
The bottom line: Patient data obtained by the health care industry has systemically had problems with hacking ever since it switched from analog to digital technology, including those stemming from basic human error or systems with known security weaknesses.
Go deeper: The pitfalls of electronic health records