Posting personal photos of plastic surgery patients online |
Thousands of records of plastic surgery patients are found on unprotected servers and anyone can view them because NextMotion data is stored in the Amazon Web Services cosmetic surgery database of medical imaging solutions for clinics around the world. ,
VpnMentor researchers discovered the leak and managed to access nearly 900,000 records, photos and personal videos before and after plastic surgery with highly sensitive materials, including cutting the patient's body parts, but the source of the records is unknown, but it is clear that leaked photos and images belong to NextMotion clients .
In addition to pictures of the patient's face and body, this information includes mathematical operations, recommended treatment steps, video files for 360-degree facial and body checks, and invoice details and procedures. Detailed medical costs and appointments, and can assist in identifying the patient's personal information.
The data enables hackers to create a complete picture of victims so that patients can easily reveal their identity for identity theft, phishing, financial fraud, and even sexual blackmail, and criminals use sensitive documents to request a ransom.
NextMotion CEO d. (Emmanuel Ellard) added that the problem was solved, saying: “Amazon Web Services warned us on January 30 and after talking to the Amazon support team internally, we immediately took corrective action on January 4. February: Cyber Security officially confirmed a security breach.
Since NextMotion is headquartered in France and provides services throughout the European Union, NextMotion is subject to the European Union's General Data Protection Regulation (GDPR).
Although the company's website confirms that it is recognized by European regulations, sensitive patient data is still not protected, which could lead to severe penalties and legal procedures.
Poorly generated and unsafe data sets are becoming increasingly popular. In a recent case, thousands of birth certificate requests were stored on the AWS unprotected cloud platform, while another data leak affected almost all Ecuadorians. These occasional leaks have had a major impact on them. In some cases, cyber criminals have targeted places such as plastic surgery clinics, such as well-known clinics in London.