Not just confidential details of patients like names, addresses, dates of birth but also blood tests results done for HIV detection were part of the leaked report, BuzzFeed News reported.

So how did this happen?

Health Solutions (pathology lab) had stored all this information in an unprotected folder on its website which was accessible to anyone with the right URL. After the reports were released, other search engines like Google picked it up too (including BuzzFeed)

Though after the news spread, the reports were allegedly taken off the internet as we were not able to access the folder. (Which, in this case is a good thing)

As per the BuzzFeed report, the medical document cache was first discovered online by web security expert Troy Hunt who found out that the reports were sitting on a server located in Provo in the United States.

Questioning the security factor, Hunt mentioned that how he noticed that none of these reports were password protected. (meaning anybody could download anybody else’s pathology reports)

What’s more shocking is the lackadaisical approach of the pathology administrator at Health Solutions, who denied any knowledge of the breach saying maintaining doctor-patient privacy is not something of their concern.

Talking to BuzzFeed, the administrator said, ”Health Solutions is moving to a new website in January because the current one has been ‘hacked’ several times”.

When ScoopWhoop News tried to contact the laboratory, we too received a very cold response from the pathology team with none of them willing to comment on the matter. 

This whole episode only shows goes to show lax is India when it comes to medical privacy.