2.7M recorded medical calls from 1177 Swedish Healthcare, audio files left unprotected on web
Every call made to 1177 Swedish Healthcare Guide service since 2013, and answered by the subcontractor Medicall, was stored as WAV or MP3 audio files on a server that had no encryption or authentication protection.
IDG’s Computer Sweden revealed that 2.7 million recorded calls made to the 1177 national health service were left completely unprotected on a server. Every call made to 1177 since 2013, and answered by the subcontractor Medicall, was stored as WAV or MP3 audio files on a server that had no encryption or authentication protection. That adds up to “170,000 hours of sensitive phone calls with symptoms, etc.,” which anyone with the right IP address could have accessed. Some of the audio files, which were marked with the callers’ telephone numbers, included the Social Security numbers of children and adults and specific health-related symptoms.
Tommy Ekstrom, CEO of Voice Integrate Nordic, told IDG, “This is catastrophic, It’s sensitive data. We had no idea that it was like this. We will, of course, review our systems and check out what may have happened.”