Medical images such as X-rays and scans of patients in at least fifty countries appear to be on unsecured servers, the American research site ProPublica and the German Bayerische Rundfunk discovered . Some Dutch patients are also victims.
In the United States, ProPublica struck 187 vulnerable servers that were not locked with a password or other security measures. On some servers only names could be found, others contained images from medical records of, among others, the elderly and prisoners.
Some servers were accessible via free downloadable software. Others were even used to view with a web browser.
German journalists also found five unprotected servers in Germany, making it easy to view thirteen thousand medical records. The find was later confirmed by the German privacy watchdog BSI.
In total, ProPublica and Bayerische Rundfunk found 16 million scans worldwide, which can often be traced to specific patients via the names and dates of birth.
The Dutch Data Protection Authority cannot provide information about specific cases in the Netherlands, but points to the duty to report serious data breaches.