1 comment

[ 4.2 ms ] story [ 14.5 ms ] thread
Original research was done by Daniel Verlaan[0], who has uncovered data leaks related to COVID testing before[1].

In an email to people who had gotten an appointment from this "coronatestnu" company, all the recipients where addressed in CC[2].

It seems the required pentesting that is needed with these testing companies wasn't done correctly and will be looked at internally[3].

[0] https://twitter.com/danielverlaan/status/1416673022023458816

[1] https://www.zdnet.com/article/dutch-covid-19-patient-data-so...

[2] https://twitter.com/danielverlaan/status/1416700373230923776

[3] https://twitter.com/danielverlaan/status/1416687638896070656