Article 558AE Security lapse at South Africa’s LogBox exposed user accounts and medical data

Security lapse at South Africa’s LogBox exposed user accounts and medical data

by
Zack Whittaker
from Crunch Hype on (#558AE)

LogBox, a South African medical data startup that bills itself as an absolutely secure" way of replacing paper forms for sharing patient data with doctors, has exposed user accounts and patient data following a security lapse.

Security researcher Anurag Sen found an exposed database belonging to the company containing account access tokens for thousands of LogBox users, which if used would grant full access to users' accounts without requiring their password, Sen said.

Sen reported the exposed database to the company but did not hear back. After TechCrunch reached out, the database was pulled offline.

When reached, LogBox director Neal Goldstein declined to comment by our deadline or answer any of our questions, specifically if LogBox planned to inform users or customers that data was exposed or if the company plans to report the incident to regulators.

Founded in 2010, LogBox has become a rising star in South Africa, just last year partnering with Lancet Laboratories, a medical diagnostics company that operates in 11 African countries.

South Africa is one of Africa's top tech hubs, attracting $206 million in VC in 2019, according to Partech.

Healthtech ventures have been on the rise across Africa, with medical related startups accounting for a third of all investment deals on the continent in 2019, per WeeTracker's last annual investment report.

LogBox's database exposure comes as South Africa's new data privacy laws - advanced by the country's president Cyril Ramaphosa - take effect on July 1.

South Africa's Protection of Personal Information Act (POPIA) seeks to better safeguard personal data and protect against data breaches, per a statement of the country's president.

The measure includes guidelines that apply to LogBox's business activities and database exposure.

Did African startups raise $496M, $1B or $2B in 2019?

Techcrunch?d=2mJPEYqXBVI Techcrunch?d=7Q72WNTAKBA Techcrunch?d=yIl2AUoC8zA Techcrunch?i=Ow3SiebGCxo:1ICGfbaCFrg:-BT Techcrunch?i=Ow3SiebGCxo:1ICGfbaCFrg:D7D Techcrunch?d=qj6IDK7rITsOw3SiebGCxo
External Content
Source RSS or Atom Feed
Feed Location http://feeds.feedburner.com/TechCrunch/
Feed Title Crunch Hype
Feed Link https://techncruncher.blogspot.com/
Reply 0 comments