Ethical hackers discovered the names, addresses, social security numbers, and tax information of more than 30,000 healthcare workers in a database run by Gale Healthcare Solutions.
More than 30,000 US healthcare workers’ personal information was recently exposed due to a non-password-protected database, according to security researcher Jeremiah Fowler and a team of ethical hackers with Website Planet.
Fowler discovered a database run by Gale Healthcare Solutions with 170,239 exposed records that included names, emails, home addresses, photos, and in some cases Social Security Numbers as well as tax documents.
Gale Healthcare Solutions is a Tampa, Florida tech company that connects healthcare workers with healthcare organizations looking to hire people for certain shifts.
Fowler said the information also included forms about certain incidents, disciplines, and terminations.
“We only reviewed a limited sampling of documents and did not review each and every file. The files were hosted on an AWS cloud server and many of the registration documents were open and publicly accessible,” Fowler told ZDNet.
“The images I saw were usually of the healthcare worker‘s face or ID badge, but the URL contained their full name, SSN, and a number consistent with an SSN. Here is an example of how the link appeared: .com/gale-registration-documents/documents/last_name_first_name-LPN/-SSN-*********.jpeg.
The healthcare scheduling solution you’ve been waiting for. We created the Gale App to connect nurses and caregivers to healthcare facilities in need of clinical support, providing flexible schedules and daily pay for nurses, facilitating consistent coverage for facilities, and ensuring quality care for the people they serve. How Gale Works.
Gale Healthcare Solutions. Gale allows healthcare professionals to work when they want and healthcare providers to get the staff they need when they need it. Patient care is supplied by a *credentialed network of over 30,000 healthcare professionals, but it takes more than excellent clinicians to provide healthcare.