UK NHS Covid jab booking site leaks people’s vaccine status

Stopspying

Level 19
Thread author
Verified
Top Poster
Well-known
Jan 21, 2018
814
"NHS Digital is revising its process for booking Covid vaccinations in England after the discovery of a “seriously shocking failure” that leaked medical data from the site.

The website lets users make appointments using their NHS number or, if they do not have it to hand, some basic identity information. But in the process, users’ vaccination status is disclosed, allowing anyone who possesses basic personal details of a friend, colleague or stranger to find out what should be confidential medical information.

Employers would therefore, in theory, be able to trivially find out which of their staff had been vaccinated, for instance, while others may feel under pressure not to get the vaccine for fear of criticism from anti-vaccination friends or colleagues...."

 

Stopspying

Level 19
Thread author
Verified
Top Poster
Well-known
Jan 21, 2018
814
This quote at the end of the linked article worries me "The system does not have any direct access to anyone’s medical record and people should not be fraudulently using the service – it should only be used by people booking their own vaccines or for someone who has knowingly provided their details for this purpose.”

If the whole world is extremely honest then that might not be a problem. But for a spokesperson representing NHS Digital, the body that deals with our national health services digital affairs, to say this in a world where data theft is extremely common is just plain ignorant and they should be fired from that role immediately.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top