More than 1B CVS Health records exposed in online database

Healthcare IT News

Kat Jercich

Security researchers earlier this spring discovered a database containing more than a billion records, including emails that could be targeted in a phishing attack for social engineering.

The database, which was not password-protected, was flagged by the WebsitePlanet research team in cooperation with Jeremiah Fowler.

Public access to the data was restricted the same day that CVS Health was notified.

"In March of this year, a security researcher notified us of a publicly accessible database that contained non-identifiable CVS Health metadata," said CVS Health in a statement sent to Healthcare IT News.

"We immediately...

Get the Morning Update

Thanks for subscribing!