mscripts is a mobile pharmacy service that works with doctors and patients. The service also enables doctors and patients to communicate with one another effectively, giving them more control over their health. It's come to our attention that this service has suffered from a serious security breach for many years.
The mscripts data breach occurred because the company established a cloud file system without proper security protections in place. Anyone could access the files in the system by visiting its location, and didn't require a password or special authentication. This is a serious problem, that made it possible to spread information about patients that use mscripts for many years.
Prescription information was available to download without any authentication online between September 30, 2016, and November 18, 2022. For six years, patient prescription data could be obtained by anyone that knew where to go online.
Customers of mscripts are at risk of being hurt by this breach. Their prescription information, as well as some personal details, were available to anyone and were likely gathered by someone that stumbled on the security vulnerability during the many years that it was an issue.
The mscrips breach made thousands of files available for use by anyone that wanted them and stumbled across the information. These files exposed health and medical information about a huge number of different people.