In a concerning discovery, cybersecurity researcher Jeremiah Fowler has reported a significant data breach at Redcliffe Labs involving a non-password-protected database, potentially putting over 12 million medical records at risk. Fowler shared his findings with WebsitePlanet, unveiling a substantial breach that included medical diagnostic scans, test results, and other sensitive health records.
The exposed database contained a staggering 12,347,297 records, with a total size of 7TB. These records contained crucial information, including patient names, details of attending physicians, and whether the tests were conducted at home or at a medical facility. The database also revealed that the documents belonged to Redcliffe Labs, a prominent diagnostic center based in India.
Upon discovering this security lapse, Fowler promptly sent a responsible disclosure notice to Redcliffe Labs. The company acted swiftly by restricting public access to the exposed data, acknowledging Fowler’s contribution and efforts. However, the duration of the exposure remains unclear, as does whether unauthorized individuals had accessed these sensitive health records during the breach.
Redcliffe Labs is a well-known diagnostic center in India, offering a broad range of wellness and illness tests, including home-based testing, medical facility testing, and online services through a mobile application. The services cover comprehensive health checkups, blood tests, diabetes screenings, joint care, vitamin assessments, and specialized tests for cancer, genetics, HIV, pregnancy, and more. The company also offers free sample collections and consultations with doctors, serving approximately 2.5 million customers.
A critical revelation from the exposed database is the existence of a folder named “test results,” which contained over 6 million PDF documents. This raises questions about whether more customers were affected or if these documents represented multiple tests from the same customers.
The records inside the database were categorized as follows:
Reports: 1,180,000 records, totaling 620.5 GB.
Smart Report Storage: 1,164,000 records, totaling 1.5 TB, presenting test results in an infographic style.
Test results: 6,090,852 records, totaling 2.2 TB.
Miscellaneous folders: 3,912,445 records, totaling 2.7 GB, containing various non-password-protected files, including .PDF documents, internal business files, logging records, and mobile application development files.
Of particular concern is the exposure of development files from Redcliffe Labs’ mobile application, which is available on Google Play and Apple’s App Store. Exposed application files carry potential risks in the hands of malicious actors because these files control application functionality and data transmission between users and the host server. The most significant risk is the manipulation or modification of the application’s code files, which could allow cybercriminals to compromise the app’s integrity and security, inject malware, or introduce unauthorized functionality.
While there is no evidence to suggest that the Redcliffe Labs app is currently vulnerable or compromised, the exposure of its source code highlights the potential risks associated with such breaches. Exposed code and resource files can be analyzed or reverse-engineered, potentially leading to the discovery of vulnerabilities that could be exploited in the future.
This incident serves as a stark reminder of the critical need for robust cybersecurity measures, particularly in the healthcare sector, where the privacy and security of sensitive medical data are paramount. It is hoped that Redcliffe Labs will take swift action to investigate the extent of the breach and further fortify its security to prevent such incidents in the future.