Such database misconfiguration has leaked healthcare professionals’ full names, birthdates, phone numbers, addresses, email addresses, work experiences, assigned jobs, communications with MNA Healthcare, hashed temporary passwords, and encrypted Social Security numbers, according to Cybernews researchers. Despite SSN encryption of SSNs with ‘mcrypt,’ the leak of the Laravel App Key potentially used for such a security process increases the risk of decryption and targeting in phishing and fraud attacks.

Source: SC Magazine