8.7 C
San Francisco
Sunday, March 7, 2021

AI Company Cense.ai Exposed Over 2.5 Million Medical Records

Must read

Noel Goggin, CEO of Conga: “Transparency Is Key”

CEO of Conga Noel Goggin is also the company’s culture leader. He has proven himself in the software industry, having spent 24 years in...

The New Social Contract: Twitter, Parler, Facebook and the Law

Related Articles When we first use their service, consumer-facing technology platforms make us agree to their Terms...

Top 5 Tips to Obtain a Court Order to Remove Content from the Internet

Related Articles If you find false or negative information about yourself or your business, you can follow...

Visibility Vixen Michelle Lewis: “Manage Your Finances”

Visibility Vixen Michelle Lewis wears several different hats. She is an “Amazon best-selling author, podcast host and founder of The Celebrity CEO Method.” Online,...
mm
Chris Dehler
Chris Dehler is another promising contributor catering his expertise to the website. With past experience as a lawyer, Chris adds his well-researched news pieces from the Law niche.

Cense.ai is an Artificial Intelligence company that works in a wide range of areas. According to the company website, Cense.ai focuses on “Automated Machine Learning, Faster AI Models,” and the development of a “Knowledge Repository.” It is this last practice that led to the company exposing over 2.5 million medical records. According to researcher Jeremiah Fowler, all of the records were readily available to view or download by anyone with an Internet connection.

Though it remains unclear how long the data was available online, Fowler made the discovery on July 7th, 2020. As soon as he knew what he was looking at, he immediately contacted the company hosting the data, Cense.ai. Soon after the discovery and Fowler’s discloser notice, Cense.ai restricted public access to the data. However, Fowler is not sure how long the data was available or if anyone accessed it before it was taken down.

Not only is medical data considered extremely sensitive personal information, but it’s also highly profitable. According to Fowler, just one medical record can sell for $250 or more to cybercriminals. That means that the data Cense.ai left exposed could have been worth somewhere between $600-$700 million on the black market. So far, Cense.ai has not made a public statement about the breach or their attempts to ensure greater cybersecurity going forward.

- Advertisement -

Though the exact cause of the exposure is not known, Fowler believes that the data was temporarily put online while Cense.ai before being transferred to its own management system. It may sound like a small error, but this oversight put millions of people’s personal identifiable medical information on full display. According to initial reports, the exact number of records exposed was 2,594,261.

In his disclosure, Fowler stated that the records he found included names, insurance and medical records, as well as payment information. The data appeared to be sourced from auto insurance claims that focused on neck and spinal injuries. Thus, the people whose information was exposed are for the most part also the victims of auto accidents involving serious injuries.

While it’s good that people like Jeremiah Fowler are working to make the Internet more secure, it’s frightening to see the lack of oversight company’s take with sensitive data. Businesses all over the world collect personal data from billions of people every single day. Even with security measures in place, some information is bound to be leaked or stolen. Any business working with PII (personal identifiable information) needs to stay vigilant in terms of its cybersecurity efforts.

In the case of Cense.ai’s data exposure, virtually no precautionary measures were taken. The data was simply left available to anyone online. If someone with malicious intentions obtained any of it — which is highly plausible —personal medical information might already be spreading throughout the deep web.

Cense.ai’s lack of cybersecurity could also pose a huge legal issue for the company. Given the enormity of the error, they might be at risk for a class action lawsuit. Cense.ai is located in New York, where HIPAA violations are taken very seriously. So, even if the company doesn’t face any individual or class action lawsuits, they might face heavy fines and penalties from the state government. Worst case scenario for the company, Cense.ai might be forced to cease operations.

This latest disclosure of medical data shows the current state of cybersecurity vulnerabilities. While Cense.ai can potentially face penalties, there’s unfortunately nothing that can be done about the data that was already exposed. In order to truly protect citizens in the virtual sphere, leaks like these must be made aware to the masses so those affected can take proper action to protect themselves.

- Advertisement -

More articles

Latest article

Noel Goggin, CEO of Conga: “Transparency Is Key”

CEO of Conga Noel Goggin is also the company’s culture leader. He has proven himself in the software industry, having spent 24 years in...

The New Social Contract: Twitter, Parler, Facebook and the Law

Related Articles When we first use their service, consumer-facing technology platforms make us agree to their Terms...

Top 5 Tips to Obtain a Court Order to Remove Content from the Internet

Related Articles If you find false or negative information about yourself or your business, you can follow...

Visibility Vixen Michelle Lewis: “Manage Your Finances”

Visibility Vixen Michelle Lewis wears several different hats. She is an “Amazon best-selling author, podcast host and founder of The Celebrity CEO Method.” Online,...

Jess Glazer, of EmpowerU: “I’m a Lifelong Student”

Founder of EmpowerU Jess Glazer could not have dreamed of a better outcome than turning her “side hustle” into a venture now worth millions...
- Advertisement -