Slashdot Mirror


Hacking the US Prescription System

An anonymous reader writes: It appears that most pharmacies in the US are interconnected, and a breach in one leads to access to the other ones. A security advisory released [Friday] shows how a vulnerability in an online pharmacy granted access to prescription history for any US person with just their name and date of birth. From the description linked above: During the signup process, PillPack.com prompts users for their identifying information. In the end of the signup rocess, the user is shown a list of their existing prescriptions in all other pharmacies in order to make the process of transferring them to PillPack.com easier. ... To replicate this issue, an attacker would be directed to the PillPack.com website and choose the signup option. As long as the full name and the date of birth entered during signup match the target, the attacker will gain access to the target's full prescription history.

1 of 78 comments (clear)

  1. Capitalst prescription system defective by design by Anonymous Coward · · Score: -1, Troll

    Dear USA.

    Thank you for proving to the world why capitalism will never work. With the rest of us already using socialized health care while you fucktarded USians are on a fast track to destruction using capitalism for your vastly broken health care system. This "bug" can be used against you when businesses will use this to screen potential workers. But you fucktarded USian sheep will only realize that fact once your "mighty" empire collapses in on itself so please self destruct immediately so the world will be rid of the biggest terrorist threat of all.

    Sincerely,
    Signed : The rest of the world.