The NHS is investigating allegations concerning a software flaw at Medefer, a private medical services provider managing NHS patient referrals. Discovered by a software engineer last November, the flaw potentially exposed patient data due to improperly secured APIs. Although Medefer asserts no evidence of a breach exists, the engineer believes the issue may have persisted for six years. Following the discovery, the flaw was swiftly fixed, and the company commissioned an external review of its systems to reinforce data management protocols. The NHS's response indicates they are taking the situation seriously and will act if necessary.
The flaw was fixed a few days after being discovered, emphasizing Medefer's swift response to potential threats against patient data security.
Medefer’s system, which facilitates virtual appointments, had specific vulnerabilities that allowed for access to patient data through poorly secured APIs.
Collection
[
|
...
]