A data breach at Florida-based recruitment firm MNA Healthcare has left sensitive information of over 14,000 healthcare workers and 10,000 hospitals exposed. Discovered on June 20, 2024, by the Cybernews research team, the breach was caused by a misconfiguration that left a database backup publicly accessible online. The database contained sensitive data, including full names, addresses, phone numbers, work experience, encrypted Social Security Numbers (SSNs), and hashed passwords.
The encryption used for the SSNs was found to be vulnerable due to an exposed environment file containing the Laravel App Key, which is used for encrypting SSNs. While encrypted, researchers indicated that decrypting the SSNs is possible, putting affected healthcare workers at risk of identity theft and fraud. The exposed data is particularly concerning because healthcare professionals are often targeted by cybercriminals, as their high salaries make them attractive for financial fraud.
MNA Healthcare is a staffing firm that operates in nine U.S. states, matching healthcare professionals with various organizations. Among the leaked information were communications between medical staff and MNA representatives, job assignments, and license copies. This breach puts not only doctors and healthcare workers at risk of identity theft, but also opens up opportunities for credential stuffing and phishing attacks.
The exposed data also increases the possibility of criminals using stolen SSNs to engage in fraudulent activities such as filing false tax returns, opening credit accounts, and misusing the information to obtain loans or benefits. As the leaked database included names of hospitals and medical institutions, these entities could also face reputational damage and potential legal ramifications.
To prevent future breaches like the one at MNA Healthcare, companies must implement more robust cybersecurity measures. One essential step is ensuring that databases containing sensitive information, such as SSNs and other personal data, are encrypted using stronger, more up-to-date encryption methods. Regular security audits should be conducted to detect any misconfigurations or vulnerabilities in their systems before malicious actors can exploit them.
Another crucial step is implementing stricter access controls and monitoring systems. Limiting access to sensitive data to only necessary personnel and tracking any unusual access attempts or data transfers can help detect a breach early. Additionally, using multi-factor authentication (MFA) for employees accessing critical systems adds an extra layer of security, making it harder for unauthorized individuals to infiltrate the system. Finally, companies should also educate their employees about cybersecurity risks and how to recognize phishing scams to minimize the risk of human error leading to data breaches.
Following the discovery of the breach, MNA Healthcare secured the exposed configuration, but concerns remain about the company’s overall infrastructure security. Security expert Aras Nazarovas pointed out that the backup and encryption issues raise questions about how the company stores sensitive information.
The healthcare sector remains a popular target for cyberattacks, and this breach highlights the need for stronger cybersecurity practices in protecting personal information. Affected individuals are advised to monitor their financial accounts and consider identity theft protection to mitigate potential risks.