Telemedicine vendor breaches the data of 2.4 million patients in Mexico

The personal data of over 2 million patients was exposed online after a Mexican telemedicine company, Hova Health, misconfigured a MongoDB database. The exposed data included patient names, personal ID codes, insurance policy numbers, dates of birth, and addresses. Hashed passwords for administration accounts and emails were also included. Misconfigurations like this are common in the healthcare sector, putting patient data at risk of being breached. It is important for healthcare organizations to regularly audit their security processes and have an incident response process in place.