The vaccination database in the Community of Madrid has been open for hours on the network and with public access due to

a digital cybersecurity gap

, according to Telemadrid exclusively.

The computer failure has allowed access to sensitive data of the immunized people - such as their address and their mobile phone - together with the health workers just by entering their ID.

Due to this incident, already solved, data from both anonymous citizens and personalities such as the King, the President of the Government, Pedro Sánchez, and the former President José María Aznar have been on the air.

Some of the identity documents are easy to find using a Google search.

Telemadrid has notified the decision to the Ministry of Health of the Community of Madrid.

Likewise, it has made the facts known to the National Police and the Civil Guard in case a crime had been incurred.

Among the data that have been uncovered were

the place and time where

users

have been vaccinated

and the brand of dose they have received.

You could even know the arm where the injection was given and the name of the health worker who administered it.

Access

To access this data, it was only necessary to have a

proxy

program

, some of which are free and easily downloaded over the Internet.

It is a software that analyzes everything that happens on the computer, the web pages that are visited and the services that are used.

The use of proxies is very common mainly for computer programmers, but also for cybercriminals, who can take advantage of any security breach to obtain data that, in principle, should not be seen.

With software of this type, which is freely accessible and does not require any identification certificate or any access code, you can track pages such as the self-appointment to get vaccinated in Madrid or other Madrid public health services. Normally, when a proxy is used on pages of this type, the private data of citizens is not visible, but this has not happened with some key health websites of the Madrid regional government.

All this sensitive data has been open and accessible on the web until 7:00 p.m. this Wednesday.

In the data provided by the proxy used, it can be seen how Indra is the developer of these pages.

Computer experts consulted by Telemadrid have indicated that "these companies are asked for very high requirements in these public tenders", but in this case they have not met the minimum security requirements that any page of this type must have.

According to the criteria of The Trust Project

Know more

See links of interest

  • Last News

  • Work calendar

  • Holidays Madrid

  • Home THE WORLD TODAY

  • Stage 11 of the Tour, live

  • England - Denmark, live