According to the Health Service Executive, it “misconfigured” a database that held over a million people’s immunisation records, reports RTE.
Security researcher Aaron Costello discovered the bug in 2021 and notified the HSE about it.
Mr. Costello claims that an HSE technology system was improperly designed, giving more persons than necessary access to the data.
Security researcher Mr. Costello of AppOmni, a cybersecurity business located in Dublin, claimed the database had sensitive data on more than a million Irish residents, including their names, immunisation status, and kind of vaccine received, reports RTE.
According to the HSE, the configuration error was corrected the same day it was discovered.
“In this case an external source pointed out one misconfiguration which would have required deep technical expertise to exploit,” a spokesperson said, reports RTE.
“Apart from the source who informed us of this issue, there was no unauthorised accessing or viewing of this data,” reports RTE.
“If someone accessed data, we would be able to see this in the detailed logs which we analysed,” the HSE said, reports RTE.
Tell us your thoughts in the Facebook post and share this with your friends.