SEE TOO Most Read
ON THE HIGH Tags
Laboratory a+ leaks customer data in app. In addition to receiving medical data from other patients, users reported difficulty accessing the a+ laboratory app this Thursday (31)
3 minutes reading

Laboratory a+ leaks customer data in app

Avatar of otávio queiroz
Otávio Queiroz
March 31th, 2022
In addition to receiving medical data from other patients, users reported difficulty accessing the Laboratory a+ app this Thursday (31)
Table of Contents
  1. attack history
  2. what the company says
    1. Discover more about Showmetech

customers of Laboratory a+ Diagnostic Medicine took a scare this Thursday afternoon (31), after receiving medical data from other people on the company's platform. According to users, notifications containing test results from third parties were received through the app and, by clicking on the PDF sent, it was possible to check personal data, such as full name and date of birth, in addition to medical information that should be confidential and private. of the patient.

Na app page on Play Store, several users reported, in addition to the presence of other people's exams, difficulty accessing settings and personal data. One of them even claimed to have access not only to one exam, but several of them with different people's names. “I can't get into my settings at all. The app closes out of nowhere and I can still see the test results of three different people”, says the comment of one of the users.

Laboratory a+ leaks customer personal data in app
Notification shows third-party information in a+ Lab app (31) (Showmetech)

Others are still worried that there is a hacker attack behind the problem. “Is this a bug or is a hacker messing with Fleury's systems again? Is my data being leaked to others at Lab a+?”, says another patient. So far, none of the comments from the Play Store received an official response from the company.

attack history

Laboratory a+ leaks customer personal data in app
Users report problems on the app's page on the Play Store (Showmetech)

In June of last year, the Fleury Group, administrator of Laboratory a+, was a victim of ransomware REvil. At the time, the group of criminals behind the attack reported having more than 450 GB of company data, such as bank transaction records, sensitive medical information, exams, phone and email list and others. A ransom of $5 million was demanded to keep the leak from happening.

In order to pressure the Fleury Group, the hackers also claimed to have leaked some sensitive data, such as customer documents, on a dark web blog. In a statement released at the time, however, the company said there was no evidence of data leakage, in addition to claiming that there was no ransom demand. At the time, the systems of several hospitals and laboratories were also down for a week thanks to the attack.

what the company says

In a note sent to showmetech, the press office of the Fleury Group stated that the notifications were mistakenly sent to some users of the platform due to an internal procedure, and there was no type of information leak. Check out the full statement:

a+ Medicina Diagnóstica informs that, during tests of new features of its application, a notification was mistakenly sent to the users of this platform. The test involved specific and unique data from two of our tech professionals who were involved in this test. There was, therefore, no disclosure of information from any customers. As soon as the failure of this test was detected, the tests were stopped.

a+ Diagnostic Medicine

See also:

The year 2021 was difficult for companies thanks to the various hacking attacks. Despite that, the Data leakage in Brazil decreased by 31% last year.

Discover more about Showmetech

Sign up to receive our latest news via email.

Related Posts