Security News > 2023 > June > Lantum S3 bucket leak is prescription for chaos for thousands of UK doctors
A UK agency for freelance doctors has potentially exposed personal details relating to 3,200 individuals via unsecured S3 buckets, which one expert said could be used to launch ID theft attacks or blackmail.
In the process, it discovered the Lantum S3 bucket, which was accessible and indexed on some IoT search engines.
"The Register has offered Lantum the opportunity to comment. According to a statement given to doctors' news site Pulse, a spokesperson for Lantum said:"While this data may have been accessible to unauthorised individuals, there is currently no indication that data has been accessed and no reason to suspect that this is the case.
Dr Marcus Baw, immediate past chair of Royal College of GPs Health Informatics Group, said the accessible information was personally sensitive and could leave affected doctors exposed.
Baw warned it might take years for the details to resurface in the form of ID theft campaigns after the details have been traded on the dark web.
He said Lantum should be able to analyze downloads from the S3 buckets in question to asses if there had been any unusual activity, and notify the doctors affected.
News URL
https://go.theregister.com/feed/www.theregister.com/2023/06/12/lantum_s3_bucket_leak/