A flaw has been fixed by Molina Healthcare, which exposed “countless” patient medical claims to the entire internet without requiring any authentication. According to independent researcher Brian Krebs, gaining access to a single hyperlink to an online patient record would allow an attacker to enumerate and download all other claims.
Read full news article on Infosecurity