Skip to content
July 10, 2026
  • Linkedin
  • Twitter
  • Facebook
  • Youtube

Daily CyberSecurity

Zero-hour alerts. Unmatched analysis.

Primary Menu
  • Home
  • CVE Watchtower
  • Cyber Criminals
  • Data Leak
  • Linux
  • Malware
  • Vulnerability
  • Submit Press Release
  • Vulnerability Report
Light/Dark Button
  • Home
  • News
  • Data Leak
  • MEDantex Transcription Service data leaks
  • Data Leak

MEDantex Transcription Service data leaks

Do Son April 27, 2018 3 minutes read
Add Daily CyberSecurity as a preferred source on Google

MEDantex is a medical transcription company headquartered in Kansas, USA. Its main business is to provide customized transcription solutions for hospitals, clinics, and private doctors. Last week, KrebsOnSecurity, a well-known security website, sent a notice to the company saying that an online portal of the company exposed the patient’s medical records and involved more than a thousand doctors.

The so-called medical transcription refers to the use of word processing software to transcribe information recorded in the medical process according to the doctor’s dictation recording. This may include records of medical records, physical examination reports, clinical diagnosis, surgical reports, X-ray reports, and pathology. Transcription of reports and other information.

Medical transcription can be said to be one of the fastest growing areas in the healthcare industry. In Western countries, especially countries such as the United States where the entire healthcare industry is based on insurance and detailed medical records, this service allows doctors to dictate patient records over the phone and get edited texts in a short period of time. file.

KrebsOnSecurity learned last Friday (April 20th) that a portal site owned by MEDantex had the potential to leak medical records from patients. The site allows doctors to upload audio files, which are the dictation tapes we mentioned earlier that need to be transcribed. This feature page should have been originally encrypted, but it turns out that any Internet user can access it.

What’s more, the online tool pages used by many MEDantex employees are also completely open to Internet users, including pages for adding or removing user accounts, and pages that can search for patient medical records by the doctor or patient name, while accessing all these pages does not require authentication.

Not only that, KrebsOnSecurity also believes that MEDantex may have become a victim of ransomware called WhiteRose. Sreeram Pydah, founder, and CEO of MEDantex, confirmed that the company did experience a ransomware infection and recently rebuilt the online server.

Pydah said that the site has been closed for about two weeks, but the security threats notified by KrebsOnSecurity seem to have been incorporated into the reconstruction process in some way. In other words, after the site was rebuilt, the problem of patient medical records exposure still exists.

KrebsOnSecurity said that it is not yet clear how many patients’ medical records were exposed on the MEDantex website, but one of the catalogs named “/documents/userdoc” contains documents relating to more than 2,300 doctors. The catalogs are arranged in alphabetical order. Each catalog contains a different number of patient medical records. Both the Microsoft Word document and the original audio file can be downloaded.

Although many of the documents seem to have only recently been created, some of these records date back to 2007. It is also not clear at the time when these documents were initially exposed, but according to Google’s cache, the site page appears to have been publicly accessible since April 10, 2018.

It is worth noting that if these medical records are leaked, the impact will be enormous. According to the information displayed on the MEDantex official website, the customers of its transcription service are almost covered by the entire United States, including New York University Langney Medical Center, San Francisco Multidisciplinary Medical Group, Jackson Hospital in Montgomery, Alabama, Allen County Hospital in Iola, Kansas, Green Clinic Surgical Hospital in Ruston, Los Angeles, Trillium Specialist Hospital in Mesa, Arizona and Sun City, Cooper University Hospital in Camden, NJ, Sunrise in Miami The Medical Group, the Wichita Clinic in Wichita, Kansas, the Kansas Spine Center, the Kansas Plastic Surgery Center, and the basic surgical hospitals throughout the United States.

Get Zero-Hour Vulnerability Alerts

Critical CVEs, CVSS scores, and PoC updates — straight to your inbox every week.


We respect your inbox. Unsubscribe anytime.

Related coverage

  • Microsoft AI researchers accidentally leaked up to 38TB of data: including secrets, private keys, passwords
  • Hacker Leaks 1.4 Billion Tencent Records: Mobile, Email, and QQ IDs Exposed
  • Hotspot Shield exists a flaws that leak your location
  • The Miami Glitch: How a Single Config Error Leaked Cloudflare’s IPv6 Routes to the Global Internet
  • Hackers steal BeeToken’s email list and $1M worth of Ethereum

Support Our Threat Intelligence

If you find our CVE report and cybersecurity news helpful, consider supporting our work.

Buy Me a Coffee Logo Buy Me a Coffee PayPal
Crypto QR Code
USDT (TRC20):
TN8BdV8cp4T1Cd28gK9qTAnZknzzuwyUtm
USDT (ERC20):
0x3725e1a7d3bc5765499fa6aaafe307fabcd75bce

Share this article:

Facebook Post LinkedIn Telegram
Written by
@DdoS · Security Researcher

Do Son

Do Son is the Founder and Editor of SecurityOnline.info. Working in cybersecurity since 2013, he reports on vulnerabilities, malware, and emerging threats, providing timely analysis to help organizations and individuals stay ahead of evolving risks.

Tags: MEDantex Transcription Service

Search

Translation

CVE WATCHTOWER
🚨

Receive alerts for vulnerabilities being exploited in the wild.

⚡

Get notified instantly when a Proof of Concept (PoC) exploit is published.

🔍

Access critical info on vulnerabilities even when marked as "RESERVED".

🧠

Insights powered by decades of expertise and global intelligence sources.

🎯

Customize alerts with up to 10 keywords for your specific tech stack.

📊

Export the raw CVE database for SIEM integration and reporting.

Upgrade Package

🚨 Active Exploits in the Wild

  • CVE-2026-1207CVSS 5.4
    An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. Raster lookups on...
    Admin intel📅 Updated: Jul 10, 2026
  • CVE-2026-55255CVSS 8.4
    Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.1, an Insecure Direct...
    CISA KEV📅 Added to KEV: Jul 7, 2026
  • CVE-2026-48908
    A vulnerability in SP Page Builder for Joomla allows unauthenticated users to upload arbitrary files, ultimately resulting in...
    CISA KEV📅 Added to KEV: Jul 7, 2026
  • CVE-2026-56290
    The Joomla extension Page Builder CK is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable...
    CISA KEV📅 Added to KEV: Jul 7, 2026
  • CVE-2026-20896CVSS 9.8
    Gitea Docker image: `REVERSE_PROXY_TRUSTED_PROXIES = *` default lets any source IP impersonate any user via `X-WEBAUTH-USER`
    Admin intel📅 Updated: Jul 6, 2026
  • CVE-2026-48282CVSS 10.0
    ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted...
    Admin intelCISA KEV📅 Added to KEV: Jul 7, 2026📅 Updated: Jul 3, 2026
  • CVE-2024-14037CVSS 9.8
    Redsea Cloud eHR contains an arbitrary file upload vulnerability that allows unauthenticated attackers to achieve remote code execution...
    Admin intel📅 Updated: Jul 3, 2026
  • CVE-2026-8451CVSS 8.8
    Insufficient input validation in NetScaler ADC and NetScaler Gateway leading to memory overread if NetScaler ADC or NetScaler Gateway is configured...
    Admin intel📅 Updated: Jul 2, 2026
Powered by CVE Watchtower

🔴 Live Critical Threats

  • CVE-2026-59792CVSS 9.6
    In JetBrains IntelliJ IDEA before 2026.1.4, 2026.2 code execution via path traversal...
  • CVE-2026-61444CVSS 9.1
    PraisonAI versions before 4.6.78 contain a code injection vulnerability in deploy/api.py where...
  • CVE-2026-56765CVSS 9.8
    Vikunja before 2.2.1 contains an authorization flaw where the LinkSharing.ReadAll endpoint exposes...
  • CVE-2026-56688CVSS 9.1
    Dell PowerFlex Manager, Version prior to 5.1.0.1, contain(s) an Improper Neutralization of...
  • CVE-2026-15378CVSS 9.3
    A flaw was found in the `guardrails-detectors` component. This vulnerability allows a...
  • CVE-2026-15300CVSS 9.1
    The GEO my WP plugin for WordPress was vulnerable to SQL Injection...
  • CVE-2026-15282CVSS 9.8
    The Instant Appointment plugin for WordPress is vulnerable to arbitrary file uploads...
  • CVE-2026-14894CVSS 9.8
    The Super Forms – Drag & Drop Form Builder plugin for WordPress...
  • CVE-2026-54769CVSS 10.0
    Langroid is a framework for building large-language-model-powered applications. Versions prior to 0.65.2...
  • CVE-2026-58122CVSS 9.1
    Hermes WebUI before 0.51.307 contains an authentication bypass vulnerability that allows unauthenticated...
Powered by CVE WATCHTOWER

Our Websites
  • Penetration Testing Tools
  • The Daily Information Technology
  • Daily CyberSecurity

    • About SecurityOnline.info
    • Advertise with us
    • Announcement
    • Contact
    • Contributor Register
    • Login
    • About SecurityOnline.info
    • Advertise on SecurityOnline.info
    • Contact Us

    When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works

    • Disclaimer
    • Privacy Policy
    • DMCA NOTICE
    • Linkedin
    • Twitter
    • Facebook
    • Youtube
    © 2017 - 2026 Daily CyberSecurity. All Rights Reserved.