Dental practice software maker fixes bug that exposed patients' medical records

Practice by Numbers, the developer of a patient management software used in thousands of dentists’ offices, has fixed a security flaw that exposed the private health records of patients on a portal that comes bundled with the software, TechCrunch has learned.

One patient, Joseph R. Cox, reported the bug to TechCrunch after he encountered the issue while looking at his own dental records on the portal, which was offered by his dentist’s office.

This patient portal is part of a dental office management software made by Practice by Numbers, which claims its products are used in over 5,000 dental practices across the United States.

Cox said the bug allowed any user of the portal, which houses patients’ medical documents and health records, to access documents belonging to other patients. He said he was able to access other patients’ documents from his account, including their personal information, medical histories, photo identification, and other files. The bug also meant that Cox’s records were just as exposed to other patients.

Cox said he attempted to alert the company about the issue via email, but did not hear back. He then notified TechCrunch as a last resort to ask the company to patch the bug.

Dental practice software maker fixes bug that exposed patients' medical records | TechCrunch

Other newsrooms on this story

Related reading

Data breach affects 38,000 UChicago Medicine patients - UPI.com

Centers for Medicare and Medicaid Services exposes doctors’ Social Security…

A Bombshell Epic Lawsuit Shows How Your Medical Data Could Be At Risk

UK business breach rate stuck at 43%... blame the phishing

Trump Admin Exposed Healthcare Providers' Personal Data On New Medicare Portal:…

Finance company stored their DB credentials in spreadsheet