Whole pile of US data just sitting there with no security
Around 24 million medical patients' data is floating around on the internet, freely available for all to pore over – thanks to that good old common factor, terribly insecure servers.
German vuln-hunting firm Greenbone Networks found 590 "medical image archive systems online" containing a startling 737 million images, of which it said around 400 million were downloadable.
The so-called Picture Archiving and Communication System (PACS) servers run on a 1980s-vintage protocol, Digital Imaging and Communications in Medicine, or DICOM.
One of the uses for DICOM is storing and transmitting medical scan images, such as X-rays.
Dirk Schrader, a cyber-resilience architect at Greenbone Networks who led the research, said: "A significant number of these servers have no protection at all, they aren't password protected and have no encryption.