A security breach in rapid test software again allowed unauthorized persons to access test results and other sensitive information. As the Tagesspiegel reported, the data of more than 6,000 registrations since the beginning of April can be accessed at two.000 registrations since the beginning of April, including sensitive data such as address and date of birth.
Security loophole closed
According to the newspaper, many other test stations, for example in Hamburg, Dusseldorf, Stuttgart, Wurzburg or Heidelberg, also use the faulty software of the operator Innofabrik from Habloch (Rhineland-Palatinate).
The security leak was discovered on Saturday "within a very short time" Innofabrik CEO Dennis Messer told the dpa on Sunday. He deeply regrets the error, "Data protection is a very high priority for us".
"We still have to check the exact number"
During a random test of the Daily Mirror In 13 test stations, which according to initial research by the newspaper use the software from Innofabrik, it was also possible on Saturday to retrieve external data. According to the newspaper, a total of more than 45.000 appointment data. Messer, on the other hand, ames a much lower figure: "We still have to check the exact number", he said.
In recent weeks, there have been repeated vulnerabilities in the software of Corona quick test providers. In mid-March, for example, a security leak was discovered at the company 21DX and its service provider Medicus Ai, via which the data of around 130 users was accessed.000 affected could be retrieved.