GitHub is by far the largest host of source code in the world. In fact, as of January 2020, the platform reported having over 40 million users, along with 100 million+ repositories, including 28 million public ones.
Such a huge host has to keep its data tightly secured, as a single breach can cost it a lot, not to mention compromise millions of people.
GitHub is indeed secure, but one simple misstep can be a catastrophe, which is exactly what happened lately.
Apparently, a Dutch security researcher came across nine data leak incidents that involve medical records belonging to around 200,000 patients.
There are a couple of questions everyone using GitHub should get answers to: Who discovered the leaks? What data was compromised? And what are the leaking repos? Let’s answer those for you.
The GitHub Leaks – In Details
The issue was found by an ethical hacker – Jelle Ursem, who teamed up with Databreaches.net to dig deeper into the matter.
With a joint effort, both Ursem and Databreaches.net came up with a report detailing nine data leaks that involve healthcare providers, along with business associates and third-party relationships, all serving the medical sector.
According to Ursem, an alarming amount of sensitive data has been leaked, including login credentials. Now, Ursem’s attempts came from a good place, but not all of the affected entities were fond of what he was doing.
In fact, only three of them responded to the researchers’ disclosure and tried to fix their mistake. The rest either ignored what he found or threatened to take legal action against him.
Legal action is definitely out of place, as Ursem is giving the entities enough time to address the leaks. We’re not going to mention which of them did what, but we are going to showcase the affected entities.
As mentioned, 9 leaking repos were reported, including Xybion, Texas Physician House Calls, MedPro Billing, VirMedica, MaineCare, Waystar, Shields Health Care Group, AccQData, and one left unnamed.
So over 200,000 unique patients’ records were exposed, but what’s the reason? According to the report, the leaks occurred because developers did the following:
- Embedded hard-coded login credentials in their code instead of making them a configuration option on the server the code runs on.
- Used public repositories instead of private repositories.
- Failed to use two-factor or multifactor authentication for email accounts and/or abandoned repositories instead of deleting them when no longer needed.
- Service providers also increased the risk of leaks by failing to deploy IP address whitelists, not enforcing password resets, and not providing a responsible disclosure mechanism.
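The first cause on the list, as an added example (not code from the report or from any affected repository): a small pre-commit style check that flags credential literals in source, next to the hardened form that reads the secret from server configuration. The sample source, variable names and patterns are constructed assumptions.

```python
import os
import re

# Constructed sample showing the pattern the report describes (placeholder values).
SAMPLE_SOURCE = '''\
import os
DB_HOST = "db.example.internal"
DB_USER = "billing_app"
DB_PASSWORD = "example-not-a-real-password"
api_key = os.environ["BILLING_API_KEY"]
smtp_pass = ""
conn = "postgres://app:example-pass@db.example.internal/claims"
'''

# A secret-like name assigned a non-empty string literal.
ASSIGN_RE = re.compile(
    r'''(?ix)\b([a-z0-9_]*(?:passw(?:or)?d|pass|pwd|secret|token|api_?key)[a-z0-9_]*)
        \s*[:=]\s*(["'])(?P<val>[^"']+)\2''')
# Credentials embedded in a connection URL: scheme://user:password@host
URL_RE = re.compile(r'[a-z][a-z0-9+.-]*://[^\s:/@"\']+:(?P<val>[^\s@"\']+)@', re.I)

def find_hardcoded_secrets(source):
    """Return (line_number, kind) for each line that embeds a credential literal."""
    findings = []
    for num, line in enumerate(source.splitlines(), start=1):
        if ASSIGN_RE.search(line):
            findings.append((num, "literal assigned to secret-like name"))
        elif URL_RE.search(line):
            findings.append((num, "password inside connection URL"))
    return findings

def load_secret(name, env=os.environ):
    """Hardened form: the secret is configuration on the server, not code."""
    value = env.get(name)
    if not value:
        raise RuntimeError(f"required setting {name} is not set")
    return value

if __name__ == "__main__":
    for num, kind in find_hardcoded_secrets(SAMPLE_SOURCE):
        print(f"line {num}: {kind}")
```

Lines that read the value from the environment or assign an empty literal are not flagged; only literals that would end up in the repository history are.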
Personal information and your online security are two things you should protect all the way while browsing the web. To do so, you should have the proper knowledge.
There are dozens of websites, including the likes of The VPN Guru, that provide comprehensive guides on how to increase your online security and browse the internet anonymously. Check them out; your sensitive data is at risk.