Posted on Leave a comment

2.5 Million Medical Records Reportedly Leaked Online By AI Company

Shidonna Raven Garden and Cook

A security expert claims to have found more than 2.5 million medical records on a publicly accessible website. Here’s what you need to know.
Source: Screen Rant
Features Photo Source: Unsplash, Adeolu Eletu

Almost 2.6 million medical records were leaked online by an artificial intelligence company in July, a security expert has claimed. This is just one of many data breaches in the last few years that collectively highlight the major privacy concern felt by many when using online services. Although as this pertains to medical information, it comes with an additional level of concern.

Back in March, a data breach exposed the personal information of 200 million Americans. In that case researchers reportedly found roughly 800 gigabytes of detailed information had appeared on a publicly accessible Google Cloud server. Though, the files were deleted quickly, it was yet another example of the scale and scope of such instances. Furthermore, that was just one incident with many others having been reported before and afterwards.

As for this new breach, security consultant Jeremiah Fowler wrote in an opinion piece for Secure Thoughts where it was explained, how on July 7 medical records had made their way online. According to the information, the records included names, addresses, dates of birth, auto accident insurance claims, and medical information and notes. In addition, the data was also said to contain internal records which could potentially be vulnerable to a ransomware attack

The Latest Security Breach Warning

Fowler explained how several references to an artificial intelligence company, Cense were found, suggesting a link to the issue. The company uses machine learning technology to provide end-to-end business process management and offers its services to the healthcare, education and e-commerce industries. Listed as staging data, the records were reportedly stored at the same IP address as Cense’s public website and were accessible by any browser. While Fowler couldn’t state how long the data was openly accessible for, shortly after alerting Cense of the discovery, access to the staging portal was restricted.

This revelation raises significant privacy concerns regarding the safety and security of medical data, considering Fowler found 2,594,261 records in total. Before Cense restricted access to the site, anyone could have viewed, downloaded, edited, or even deleted the data. Furthermore, as Fowler points out, the exposure of such data potentially violates the Health Insurance Portability and Accountability Act, which could lead to fines of up to $25,000 per violation. Under New York’s Information Security Breach and Notification Act, residents have the right to know when a breach exposes their private information. While it is unclear if this incident did lead to any violations of the act, it is still a cause for concern. Adding to the list of concerns, Fowler also highlighted that data as sensitive as medical information is often of major value to those who buy and sell on the dark web.

A data breach by companies can be profound particularly when one does not know how their data is collected and shared. What protections would you like to see for your medical data including on the internet and digitally? What protections should be implemented on the dark web? How has the Cambridge Analytica data breach cause you to re-consider your data and protection? Why? Why not?

Share your comments with the community by posting them below. Share the wealth of health with your friends and family by sharing this article with 3 people today. As always you are the best part of what we do. Keep sharing!

If these articles have been helpful to you and yours, give a donation to Shidonna Raven Garden and Cook Ezine today. All Rights Reserved – Shidonna Raven (c) 2025 – Garden & Cook.

Leave a Reply