Swedish healthcare advice line call data left exposed on open web


In February 2019, an anonymous tip-off to Computer Sweden revealed that a database containing recordings of 170,000 hours of calls made to the Vårdguiden 1177 non-emergency healthcare advice line was left without encryption or password protection on an open web server provided by Voice Integrate Nordic AB. After the breach was discovered, MedHelp, which runs the 1177 service, shut the server down and found that 55 call files had been illegally downloaded from seven different IP addresses. Nine of these files included personal information identifying the calling; 16 identified the callers' phone numbers. 

Writer: Tammy Lovell
Publication: Heathcare IT News


See more examples