Militarysleep.org is a patient portal where users can create accounts, discuss treatment options, and ask questions about their sleep disorders. Researchers from the MacKeeper Security Research Center have discovered a publicly accessible Mongo database that contains the private medical data of thousands of military veterans who suffer from sleep disorders.
The database totaled 2+ Gigs and contained more than 1,300 messages (sensitive communications between patients and doctors) and personal data of more than 1,200 users, including their names, emails, personal cell numbers, unencrypted passwords and military history/service rank. The most damaging information discovered is the stored notes and chat logs, in which patients ask questions about sensitive medical issues they are experiencing, believing the communication is confidential. Many of the email addresses are @us.army.mil, and we can assume that both active and former military service members are treated.
Medical privacy is extremely important for both citizens and military veterans: if details about their diagnoses and treatment are leaked, it could affect their current employment, future employment, security clearances or other areas of their lives. Even worse is the fear that employers could discriminate against an applicant or employee based on their leaked medical records or likelihood of illness. This is why protecting medical records is so important and why every cyber security step must be taken.
The site is registered to Maryland-based Dr. Emerson Wickwire, PhD. According to his personal website: “My research interests focus on biobehavioral sleep processes including sleep as therapy for the body and brain, the most common sleep disorders, sleep in special populations, and dissemination of best practices.”
Luckily, this database did not fall victim to Harak1r1, the 0.2 Bitcoin ransomware, a malicious actor who targets unprotected MongoDB instances all around the world. Shortly after we sent email notifications, the database was closed down, though without any word or comment from the developers.
We would like to thank Dissent from databreaches.net for assisting in covering / securing that breach. Please make sure to read her story here.
The Militarysleep.org database was discovered just one day after thousands of similarly misconfigured Mongo databases were infected, had all of their data removed, and were held for ransom, with 0.2 Bitcoin demanded to recover the files. This unfortunate data leak may have just saved their data from being deleted by the Harak1r1 Bitcoin ransomware. Earlier this week, the MacKeeper Research Center discovered a database connected to Emory Healthcare where an estimated 200k medical records had been deleted and only a request for the ransom remained in the database. For more on that story click here or here.