Unbelievable. Or maybe too believable...
I previously posted about Bolton Walk-in Clinic in Ontario not locking down their patient data despite multiple responsible disclosure alerts (https://infosec.exchange/@PogoWasRight/113589181607493357). Then I reported that Canada's cybersecurity agency contacted me and offered to help (https://infosec.exchange/@PogoWasRight/113589757905504474).
Well, they tried... but got no results either. Bolton Walk-In Clinic is still exposing patient data and didn't even do anything when contacted by Canadian federal police.
If any Canadian news outlet would like to report on this, get in touch. nprofile1qy2hwumn8ghj7un9d3shjtnddaehgu3wwp6kyqpqgngyl02u9dl2d3a8xchhctfns95mzf2cs2yulwensk9jd0gc7gaq855au4 (nprofile…5au4) and I will share the information with you (yes, I just volunteered him too). 😂
Or if anyone is in the vicinity of their clinic, maybe stand outside with a sign that says, "Bolton Walk-In Clinic is leaking patient data and ignoring alerts!" That might get some attention...
Bonus points if you get someone in a Santa outfit to stand outside their clinic with a sign that says "Bolton Walk-In Clinic is naughty -- they are leaking patient data."
#dataleak #negligence #healthsec #PHIPA #HIPA #cybersecurity #databreach #accountability
Dissent Doe :cupofcoffee: /
npub1rh…klmka
2024-12-16 18:23:58
Author Public Key
npub1rh9ks6jqam8nj4kccfk505f70erhhq0g0kcr6w32c5ywyqgltdpsmklmkaPublished at
2024-12-16 18:23:58Event JSON
{
"id": "da5f3249b4a93d215464b780d4690e50a89bc8fb1b6849e3459854ee8f9f3739",
"pubkey": "1dcb686a40eecf3956d8c26d47d13e7e477b81e87db03d3a2ac508e2011f5b43",
"created_at": 1734373438,
"kind": 1,
"tags": [
[
"p",
"44d04fbd5c2b7ea6c7a7362f7c2d338169b125588289cfbb33858b26bd18f23a",
"wss://relay.mostr.pub"
],
[
"p",
"bb8e8c17bc79adbce61afb91fe2bf910c667e608a5a25cc8762a7f0d8daa5ca0",
"wss://relay.mostr.pub"
],
[
"t",
"dataleak"
],
[
"t",
"negligence"
],
[
"t",
"healthsec"
],
[
"t",
"phipa"
],
[
"t",
"hipa"
],
[
"t",
"cybersecurity"
],
[
"t",
"databreach"
],
[
"t",
"accountability"
],
[
"proxy",
"https://infosec.exchange/users/PogoWasRight/statuses/113663897687639896",
"activitypub"
]
],
"content": "Unbelievable. Or maybe too believable...\n\nI previously posted about Bolton Walk-in Clinic in Ontario not locking down their patient data despite multiple responsible disclosure alerts (https://infosec.exchange/@PogoWasRight/113589181607493357). Then I reported that Canada's cybersecurity agency contacted me and offered to help (https://infosec.exchange/@PogoWasRight/113589757905504474).\n\nWell, they tried... but got no results either. Bolton Walk-In Clinic is still exposing patient data and didn't even do anything when contacted by Canadian federal police. \n\nIf any Canadian news outlet would like to report on this, get in touch. nostr:nprofile1qy2hwumn8ghj7un9d3shjtnddaehgu3wwp6kyqpqgngyl02u9dl2d3a8xchhctfns95mzf2cs2yulwensk9jd0gc7gaq855au4 and I will share the information with you (yes, I just volunteered him too). 😂 \n\nOr if anyone is in the vicinity of their clinic, maybe stand outside with a sign that says, \"Bolton Walk-In Clinic is leaking patient data and ignoring alerts!\" That might get some attention... \n\nBonus points if you get someone in a Santa outfit to stand outside their clinic with a sign that says \"Bolton Walk-In Clinic is naughty -- they are leaking patient data.\" \n\n#dataleak #negligence #healthsec #PHIPA #HIPA #cybersecurity #databreach #accountability",
"sig": "d9fcd0a009a29198619008a0d335201135a75ab8f03383cef340e61f1706040009e84e4bbb9fcdfe0e838669a6f24fec2f90a1a69db2bf4a1761a4731f628f14"
}