Two misconfigured databases breach thousands of MedCall Advisors patient files

A researcher discovered the North Carolina-based tech vendor is leaking protected patient data through its Amazon S3 bucket twice in a month. Security researcher Britton White contacted DataBreaches.net that MedCall, a workers compensation and healthcare solutions vendor, left a storage bucket containing 10,000 files exposed to the internet, available for download and or deletion or editing.In fact, the database was listed on the searchable tool grayhatwarfare.com, which publicly lists current open Amazon S3 buckets.Some patient names were included in filenames,...