Author Topic: DOH-endorsed contact tracing platform has vulnerabilities  (Read 463 times)

adroth

  • Administrator
  • Boffin
  • *****
  • Posts: 12599
    • View Profile
    • The ADROTH Project
DOH-endorsed contact tracing platform has vulnerabilities
« on: November 28, 2020, 12:01:42 AM »
DOH-endorsed contact tracing platform leaked data

Published November 27, 2020, 10:20 AM
by Art Samaniego

http://mb.com.ph/2020/11/27/doh-endorsed-contact-tracing-platform-leaked-data/

COVID-KAYA, a platform used by healthcare workers to collect and share COVID-19 cases with the DOH could have leaked names and locations of more than 30,000 frontliners. Attackers could have also used the vulnerability to see sensitive patient data.

Citizen Lab, an interdisciplinary laboratory based at the Munk School of Global Affairs & Public Policy, University of Toronto (https://citizenlab.ca/) recently released a report titled Unmasked: COVID-KAYA and the Exposure of Healthcare Worker Data in the Philippines.

< Edited >
« Last Edit: November 28, 2020, 01:01:47 AM by adroth »

adroth

  • Administrator
  • Boffin
  • *****
  • Posts: 12599
    • View Profile
    • The ADROTH Project
Re: DOH-endorsed contact tracing platform has vulnerabilities
« Reply #1 on: November 28, 2020, 01:03:15 AM »
There is a window between the creation of a vulnerable application and when an attacker actually exploits that vulnerability.

Was either the DOH or DITC information of the vulnerability before it was made public?