Insurance brokerage Oberlin Marketing has reportedly leaked hundreds of thousands of Medicare applications by accident.
The more than 320,000 sensitive documents include names, home addresses dates of birth, genders, phone numbers, signatures, health information and financial details that were discovered in October, Cybernews reports.
Health information covers questions on medical conditions, such as heart disease, stroke, cancer, high blood pressure, cholesterol and diabetes.
Financial information includes loan amounts, lender data, co-borrower data and mortgage details.
Risk of scams
The leaked information puts older Medicare patients at risk of scams such as fraud and identity theft, Cybernews researchers said.
“Cybercriminals may exploit this information to access financial services or conduct unauthorized transactions, which could cause significant financial and reputational damage to victims," researchers said. "For Medicare clients, who may be elderly, such fraud could have particularly severe long-term consequences."
Oberlin Marketing didn't immediately respond to ConsumerAffairs's request for comment.
Cybernews also said it has been unsuccessful in contacting the firm about the leaked information.
The leak stems from Oberlin Marketing hosting an unprotected AWS S3 bucket, a cloud storage method that companies use via Amazon Web Services, Cybernews said.
Sign up below for The Daily Consumer, our newsletter on the latest consumer news, including recalls, scams, lawsuits and more.