Breach Brief – Medical Records, Instagram, TikTok

Published On October 29, 2021 | By Tom Huskerson | Breach Briefs, News and Analysis

Instagram & TikTok

Security researchers have found over two million records belonging to TikTok and Instagram social media users profiles scraped from the internet. The records were discovered after they were unwittingly exposed online by an analytics firm. Scraping is a common and sneaky practice where a computer program extracts data from output generated from another program. Data scraping is the process of using an application to extract valuable information from a website.

The haul of 2.6 million TikTok and Instagram users was quickly traced to IGBlade, a firm that provides marketing insights on social media users for its customers.

“The scraped data of users on the server is the same data that features each user’s corresponding page, and the database often provides links back to IGBlade,” the researchers wrote. “This is how we know the database belongs to” The scraping of TikTok and Instagram data could land in trouble with the two social media giants. Information scraped or stolen from websites can be used in various scams and identity theft.

The exposed data included full names and usernames, profile pictures, “about” details, email addresses, phone numbers and location data. Celebrities including Alicia Keys, Ariana Grande, Kim Kardashian, Kylie Jenner, and Loren Gray were also caught up in the data breach.

Medical Records reported a database containing millions of healthcare records and realted medical data has reportedly been discovered by security researcher Jeremiah Fowler and the Website Planet research team. The database was not password protected.

Medical records containing U.S. patient IDs, physician notes and other detailed medical data on patients were found exposed.  While some of this data was encrypted, the notes and information on physicians were in plain text.

The physician notes found in the database contains intimate details of patient illnesses, treatments, medications, family, social and even emotional issues. In addition to being very complete descriptions, Fowler and the Website Planet research team were surprised by just how many small details were included in these notes.

Who does this information belong to? Fowler and the Website Planet research team discovered multiple references to Deep6.AI including internal emails and usernames. Deep6.AI’s software finds patients who better match the criteria for medical trials in a fraction of the time it normally takes. Their reaction after being notified of the exposed data was to place restrictions on the database and issue the following statement;

“Despite recent claims, no personal or patient health data was accessed, leaked or at risk from a Deep 6 AI proof-of-concept database.

In August, a security researcher accessed a test environment that contained dummy data from MIT’s Medical Information Mart of Intensive Care (MIMIC) system, an industry standard source for de-identified health-related test data. To confirm, no real patient data or records were included in this ephemeral test environment, and it was completely isolated from our production systems.

Based on current reporting, we have confirmed that the recent claims reference MIMIC data, and there was no access to real patient records. When the researcher notified us in August, we immediately secured the test environment to ensure there was no further concern.

Data security and privacy is a top priority at Deep 6 AI, and the responsibility to protect data is at the core of our business and top-of-mind for all our people.”


Like this Article? Share it!

About The Author

Tom Huskerson Bio Born in Richmond Virginia Tom Huskerson is a military veteran who settled in California after his discharge. Tom attended Santa Barbara City College where he began his writing career as a campus reporter. He worked as an intern news reporter for the Santa Barbara News-Press writing feature stories before moving on to San Francisco. At San Francisco State University Tom studied broadcast communications and began to focus on the Internet. He completed his graduate thesis on Internet advertising. Tom was the first student to ever focus on the Internet as a graduate student at San Francisco State University. After graduation he went to work for Zona Research in California’s Silicone Valley. As a research associate Tom supported senior analyst writing on the latest developments in the Internet industry. During the dot com boom Tom worked for several web businesses as a market researcher and analyst. As a writer and researcher Tom has authored various technical works including a training program for Charles Schwab security. Other projects included professional presentations on workplace violence and hiring security contractors. Tom has also written both fiction and non-fiction works and blogging for a travel website. He has published two books of short stories and completed two novels. Tom is the owner of Scribe of Life Literature and Tom is not the chief editor for the OnTechStreet. com. A news and information blog that focuses on tech news for African-Americans. The blog is the result of his desire to inform the African American community of the dangers and benefits of the cyber age. In his blog Tom reports on information security, new and analysis, scams and hoaxes, legal happenings and various topics that arise from the age of information. Tom believes that technology is a necessary tool for black people and they should know what is happening. Tom writes believing that techno speak is for the professional and that valuable information can be communicated using plain language. As a result he has embraced the motto, Less Tech, More Knowledge.

Comments are closed.