Overview
Severity: CRITICAL | Affected: SynthCare | Category: breach
AI-driven healthcare provider SynthCare has confirmed a massive data breach affecting approximately 2.5 million patients. The breach stemmed from a misconfigured API endpoint connected to its proprietary diagnostic AI model. The endpoint, intended for internal model updates and data ingestion, was inadvertently exposed to the public internet without proper authentication. Attackers exploited this vulnerability to exfiltrate a vast dataset containing sensitive protected health information (PHI), including patient names, addresses, diagnoses, and medical histories. Forensic analysis indicates the attackers had access for several weeks. Beyond data theft, there is evidence that the attackers may have attempted to manipulate the model's parameters, raising critical concerns about the integrity of AI-generated medical advice. The incident is now under investigation by federal regulators and serves as a stark reminder of the critical need for robust API security and access controls in AI systems handling sensitive data.