Live
- DEO suspends teacher accused of sexual assault
- PM ‘cursing’ Congress out of despair: Maharashtra Cong Chief
- Applications are invited for Junior Colleges Scheme District Scheduled Castes Development Officer Ramlal
- A nomination was filed on the second day for the Nagar Kurnool parliamentary seat
- SP Gaikwad inspected the Telangana Amarnath Saleswaram Jatara yatra arrangements
- Rahul Gandhi's decision to contest from Wayanad shows 'lack of confidence': BJP President Nadda
- IPL 2024: Delhi bowlers will go after all of SRH’s top-order batters, says head coach Ricky Ponting
- At Amroha rally, PM Modi sends out ‘meaningful’ message for Muslims and Hindus
- Tripura records highest 79.83 pc voter turnout in Northeast
- The government has to clear the confusion
Apollo Hospitals' bug granting access to details of 1 million patients fixed
Earlier this week, French security researcher Elliot Alderson and Indian security consultant Shashank revealed that the patient database of corporate hospital chain Apollo Hospitals was allegedly at the risk of being hacked easily.
Earlier this week, French security researcher Elliot Alderson and Indian security consultant Shashank revealed that the patient database of corporate hospital chain Apollo Hospitals was allegedly at the risk of being hacked easily.
Shashank posted a tweet on Saturday regarding the bug which could grant access to personal details over one million persons who had booked appointments online, was now patched.
Hi @HospitalsApollo, a serious security issue has been discovered in your system, can you contact me by DM? The personal data of millions of people are at stake, this is important.
— Elliot Alderson (@fs0c131y) March 12, 2018
Shashank in his blog wrote that he stumbled on the bug while booking a dental appointment at the Apollo Hospital’s digital platform, Ask Apollo.
How Apollo hospitals could leak 1 million users data [Now patched]https://t.co/14J08mYub7
— Shashank (@cyberboyIndia) March 16, 2018
Stating that he had tried to contact them via emails, Shashank said that he then got in touch with Alderson following which Apollo fixed their vulnerability.
Elliot Alderson recently disclosed security vulnerabilities with several Indian agencies and companies, including Aadhar, Paytm, etc.
Earlier he pointed out similar and serious security vulnerabilities with databases of the Aligarh Muslim University, BSNL, UIDAI, Paytm and others.
As the issue is now fixed, I can disclose the full details of the @HospitalsApollo issue. All the physical appointment forms were available at this url: https://t.co/N9zfrmmdXc. By changing the hashKey param, it was possible to access more than 1 million forms. pic.twitter.com/5Q9W8vMVJK
— Elliot Alderson (@fs0c131y) March 16, 2018
