
A major data breach at MNA Healthcare, a Florida-based recruitment firm, has compromised the personal information of thousands of healthcare professionals. The leak, discovered on June 20th by Cybernews researchers, occurred due to a misconfiguration in the company’s systems that left sensitive files publicly accessible.
MNA Healthcare, which operates in nine U.S. states, specializes in staffing services for healthcare workers and matching them with healthcare organizations. The exposed data, dated June 2nd, 2024, included full names, addresses, phone numbers, email addresses, dates of birth, work experience, job assignments, and communications with company representatives. More alarmingly, encrypted Social Security Numbers (SSNs) and hashed temporary platform passwords were also part of the leak.
While the SSNs were encrypted using the ‘mcrypt’ encryption type, commonly used by the Laravel web application framework, researchers also identified a configuration file containing the Laravel App Key, potentially enabling attackers to decrypt the SSNs. This amplifies concerns about the exposure of sensitive personal information, particularly SSNs, which are pivotal to identity verification in the U.S.
“The data leak causes further concerns regarding the company’s infrastructure security as the database backup for their platform was improperly stored,” noted Aras Nazarovas, a Cybernews security researcher, emphasizing the broader security risks. He pointed out that the discovery suggests potential for other unaddressed security issues within the company’s infrastructure.
Cybernews alerted MNA Healthcare to the vulnerability, and the misconfiguration has since been secured. However, the company has not released an official statement on the breach.
Given that U.S. medical professionals are highly attractive targets for cybercriminals due to their high earning potential—doctors typically make around $350,000 annually—the leaked information poses serious risks. Potential threats include credential stuffing, phishing attacks, financial fraud, identity theft, and employment fraud. Stolen SSNs could also be exploited for filing fraudulent tax returns or applying for loans.
© 2025, Lyonsdown Limited. teiss® is a registered trademark of Lyonsdown Ltd. VAT registration number: 830519543