A significant security breach was uncovered on Mobitel’s eChannelling website, where a search page inadvertently revealed sensitive patient information.

This alarming discovery was made by a user on Reddit, who found that the page was publicly accessible, allowing anyone to search for and obtain personal details of patients, including their names, National IDs, phone numbers, and other private information with just a simple query.

The page was promptly removed following the Reddit alert, but the duration for which it remained accessible to the public remains uncertain. Given that eChannelling serves over 260 hospitals and 5,500 doctors, it is likely that the personal data of tens of thousands of users may have been at risk during this exposure.

In response to the incident, questions arose regarding the oversight that allowed such a vulnerability to exist. While the company asserts that it conducts multiple internal and external security audits each year, the specific reasons for the page’s prolonged exposure are still unclear.

Typically, an organization would act swiftly to address such vulnerabilities by patching the issue and informing all affected parties, including customers, healthcare providers, and relevant authorities.

However, in this case, the vulnerability remained unaddressed until it was publicly highlighted. As of now, neither Mobitel nor eChannelling has officially acknowledged the data leak.

For users concerned about their personal information, one recommended course of action is to reach out directly to eChannelling via email to request that their data not be processed further, although the website lacks clear protocols regarding cybersecurity incidents.

#DataBreach #CyberSecurity #PatientPrivacy #Mobitel #eChannelling #HealthcareSecurity #SensitiveInformation #DataProtection #PrivacyMatters #SecurityAudit #UserAwareness #DigitalSafety #InformationLeak #HealthData #PublicSafety #DataVulnerability #RedditDiscovery #PatientConfidentiality #DataRisk #CyberThreats #HealthcareData