Researchers have discovered an unprotected, online database belonging to American healthcare company CVS Health, which has been exposed with over a billion records containing sensitive information.
The discovery was first made in March 2021 by Jeremiah Fowler and the WebsitePlanet research team stated the database was secured the very next day after CVS was notified. The healthcare firm reached out to a third-party vendor responsible for securing the database.
It is still not determined whether someone apart from the researchers previously built the database and/or exfiltrated the data held within. But Fowler believes that social engineering attacks may have been used to identify some of the customers and target them.
To Read More: helpnetsecurity