Sensitive info of 100,000 US healthcare employees exposed

A massive data breach has compromised nearly 100,000 doctors, nurses, and other healthcare professionals working at major hospitals across the United States.

PlatformQ — self-described as a “leading provider of digital engagement solutions” for healthcare (PlatformQ Health) and education (PlatformQ Education) — inadvertently published a database backup stored in a misconfigured AWS S3 bucket. Based on the findings, our security team believes the leak was marketing data for the generic drug Zarex.

The exposed sensitive information includes:

Full names
Personal email addresses
Job titles
Work addresses
Home, work and private phone numbers
National provider identifier (NPI) numbers.

NPIs — 10-digit codes used to identify medical professionals and providers — are often used on Medicare or Medicaid forms. The identifiers can also be entered to scan publicly available government databases that provide even more detailed information on individual medical professionals, such as mailing addresses, practice addresses, and other identifiers.

The database our security team recovered had 98,922 entries. We found a few dozen test entries, but the majority of the database contained personal information.

Email handles like @gmail.com, @yahoo.com, and @verizon.com also hint that these are personal email addresses, instead of publicly available contacts.

In the same time, email marketing firm Klaviyo disclosed a data breach after threat actors gained access to internal systems and downloaded marketing lists for cryptocurrency-related customers.