A Mumbai-based pathology lab has published the lab results of over 43,000 people online without securing it in anyway, reports Buzzfeed. The lab dismissed its responsibility, stating to Buzzfeed that “maintaining doctor-patient privacy is not something that we as the lab are concerned with.” We've tried contacting the lab repeatedly, but the administrator declined to comment, saying that we should call him tomorrow evening before he cut the call. MediaNama was able to verify the files as containing complete patient testing data including HIV and other disease identifiers, along with personal identifiers like names. No contact details were available, so we haven't been able to ascertain the authenticity of the data by calling patients who were tested. We're not publishing any means of identifying the lab, given that the data is still online and easy to spot. The leak was first spotted by online security expert Troy Hunt, who is also the creator of HaveIBeenPwned, which allows people to check if any of their databases have been compromised. From a technical perspective, the data page, which lists the patient reports online, does not have a ‘no robots’ modifier to exempt the pages from search engine. Because of this, the entire database is available as a cached copy on Google and other search engines, even if the source database is secured. Note that the company doesn’t seem to have any particular inclination to fix the issue, stating "We are moving to a new domain in January and retiring the existing website, so these…
