Recently, security researcher, Volodymyr Diachenko, discovered a healthcare database left available for public view. The healthcare database, containing the protected health information (PHI) of 3.1 million patients, was easily accessible, requiring no password to access the information.

What Happened Following the Discovery?

Upon discovery of the exposed healthcare database, Diachenko did some research to uncover who owned the database. He found that the healthcare database belonged to a medical software company that provides patient management software and online booking services for medical and dental practices. 

Diachenko reached out to the medical software company, Adit, to let them know that their database was available for public view, exposing millions of patients’ PHI, but no one responded to his concern. After a few days, Diachenko found that the healthcare database had been attacked by the “Meow Bot.”

Why Compliancy Group

HIPAA Compliance is an important part of your business, so why not use someone you can trust? Compliancy Group is the only compliance firm to be listed on both Inc. 2020 Best Places to Work and 2020 Inc. 5000 list of the fastest-growing private companies in America. By working with us, you are welcomed into the safety of our family.

Put your trust in us

What is the Meow Bot?

The Meow Bot, discovered in late July, looks for exposed databases by scanning the internet. Once the Meow Bot finds an unsecure database, it overwrites the data in the database with the word “meow” as well as a random numeric string. This essentially erases the data, making it inaccessible to the public, as well as database owners. While the motives behind Meow Bot are unknown, it seems as though they are doing somewhat of a good deed by deleting data so that it cannot be stolen by cybercriminals. The reason it is “somewhat of a good deed” is because their act also leaves the data unavailable to database owners.

Could the Healthcare Database Have Been Copied Before Deletion?

Even though Meow Bot destroyed the healthcare database, it is possible that threat actors could have copied the data before deletion. The healthcare database was available for public access for 10 days prior to being destroyed, making it entirely possible, and likely, that it had been accessed by ill-intentioned individuals. Although there wasn’t a lot of sensitive information in the healthcare database, the information can still be used to perpetuate phishing attacks, as the information included patient names, email addresses, phone numbers, and treatment locations. 

Third Party Verification and Validation

Need Help with HIPAA?

Let our complete HIPAA solution handle it.