18.1 C
Brisbane
Sunday, August 9, 2020

Security lapse at South Africa’s LogBox exposed user accounts and medical data

Must read

Rwandan researchers discover new malaria strain

While the resistance was identified in a laboratory experiment, the researchers say that it has not yet appeared among humans across the...

Kampala has a lot more COVID-19 cases than reported – US Embassy

The US Embassy in Uganda has warned Americans living and working in Uganda to take extra precautions because according to them, despite...

EC ‘studying’ petition challenging Bobi Wine as NUP president

The Electoral Commission (EC) has said it is reviewing a petition challenging how Kyadondo East MP Robert Kyagulanyi aka Bobi Wine became...

Coronavirus – South Sudan: World Council of Churches (WCC) calls for end to violence in South Sudan

Rev. Prof. Dr Ioan Sauca, World Council of Churches (WCC) interim general secretary, joined the South Sudan Council of Churches and the...

LogBox, a South African medical data startup that bills itself as an “absolutely secure” way of replacing paper forms for sharing patient data with doctors, has exposed user accounts and patient data following a security lapse.

Security researcher Anurag Sen found an exposed database belonging to the company containing account access tokens for thousands of LogBox users, which if used would grant full access to users’ accounts without requiring their password, Sen said.

Sen reported the exposed database to the company but did not hear back. After TechCrunch reached out, the database was pulled offline.

When reached, LogBox director Neal Goldstein declined to comment by our deadline or answer any of our questions, specifically if LogBox planned to inform users or customers that data was exposed or if the company plans to report the incident to regulators.

Founded in 2010, LogBox has become a rising star in South Africa, just last year partnering with Lancet Laboratories, a medical diagnostics company that operates in 11 African countries.

South Africa is one of Africa’s top tech hubs, attracting $206 million in VC in 2019, according to Partech.

Health tech ventures have been on the rise across Africa, with medical-related startups accounting for a third of all investment deals on the continent in 2019, per WeeTracker’s last annual investment report.

LogBox’s database exposure comes as South Africa’s new data privacy laws — advanced by the country’s president Cyril Ramaphosa — take effect on July 1.

South Africa’s Protection of Personal Information Act (POPIA) seeks to better safeguard personal data and protect against data breaches, per a statement of the country’s president.

The measure includes guidelines that apply to LogBox’s business activities and database exposure.

- Advertisement -

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisement -

Latest article

Rwandan researchers discover new malaria strain

While the resistance was identified in a laboratory experiment, the researchers say that it has not yet appeared among humans across the...

Kampala has a lot more COVID-19 cases than reported – US Embassy

The US Embassy in Uganda has warned Americans living and working in Uganda to take extra precautions because according to them, despite...

EC ‘studying’ petition challenging Bobi Wine as NUP president

The Electoral Commission (EC) has said it is reviewing a petition challenging how Kyadondo East MP Robert Kyagulanyi aka Bobi Wine became...

Coronavirus – South Sudan: World Council of Churches (WCC) calls for end to violence in South Sudan

Rev. Prof. Dr Ioan Sauca, World Council of Churches (WCC) interim general secretary, joined the South Sudan Council of Churches and the...

KIIR’S INSENSITIVITY TO THE PEOPLE HE GOVERNS

In July 2011, South Sudan got its independence as a militarized rule or power, corrupt political system of governance. During the period...