Health insurer VGZ placed customer data online in an unsecured manner


Data from 27,000 customers of health insurer VGZ was online for two years in an unsecured environment. The cause was a ‘human error’ by an employee who wanted to test new software.

The employee copied the data of the insured to his own FTP server to be able to test new software, the health insurer has announced. This included declaration data. “That’s not how it should be,” said VGZ spokesperson Mark van der Wolf.

“The employee probably decided to put the data on his own server shortly after the project,” said Van der Wolf. However, the FTP server was not password protected, so in theory anyone could access it. Only at the end of 2013 did the insurer find out that the data was online unsecured, and it was then taken offline.

According to the health insurer, there is little chance that the problem has been abused, because someone would have had to look for it specifically. The data was also ‘partially fictitious’, although it is not clear what this means. VGZ also does not dare to explicitly rule out abuse. Security procedures have been tightened as a result of the vulnerability, the organization assures.
