Close Menu
Technology Mag

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    What's Hot

    Should You Cancel Xbox Game Pass? Everything to Know on the Price Hikes and New Features

    October 20, 2025

    How ByteDance Made China’s Most Popular AI Chatbot

    October 20, 2025

    SpaceX launches 10,000th Starlink internet satellite

    October 20, 2025
    Facebook X (Twitter) Instagram
    Subscribe
    Technology Mag
    Facebook X (Twitter) Instagram YouTube
    • Home
    • News
    • Business
    • Games
    • Gear
    • Reviews
    • Science
    • Security
    • Trending
    • Press Release
    Technology Mag
    Home » Therapy Sessions Exposed by Mental Health Care Firm’s Unsecured Database
    Security

    Therapy Sessions Exposed by Mental Health Care Firm’s Unsecured Database

    News RoomBy News RoomSeptember 13, 20243 Mins Read
    Facebook Twitter Pinterest LinkedIn Reddit WhatsApp Email

    Thousands of people’s highly sensitive health details, including audio and video of therapy sessions, were openly accessible on the internet, new research has revealed. The cache of information, associated with a US health care firm, included more than 120,000 files and more than 1.7 million activity logs.

    At the end of August, security researcher Jeremiah Fowler discovered the exposed trove of information in an unsecured database linked to virtual medical provider Confidant Health. The company, which operates across five states including Connecticut, Florida, and Texas, helps provide alcohol- and drug-addiction recovery, alongside mental health treatments and other services.

    Within the 5.3 terabytes of exposed data were extremely personal details about patients that go beyond personal therapy sessions. Files seen by Fowler included multiple-page reports of people’s psychiatry intake notes and details of the medical histories. “At the bottom of some of the documents it said ‘confidential health data,’” Fowler says.

    For instance, one seven-page psychiatry intake file, which appeared to be based on an hour session with a patient, details issues with alcohol and other substances, including how the patient claimed to have taken “small amounts” of narcotics from their grandparent’s hospice supply before the family member passed away. In another document, a mother describes the “contentious” relationship between her husband and son, including that while her son was using stimulants he accused her partner of sexual abuse.

    The exposed health documents include some medical notes on people’s appearance, mood, memory, their medications, and overall mental status. One spreadsheet seen by the researcher appears to list Confidant Health members, the number of appointments they’ve had, the types of appointment, and more.

    “There’s some heartbreaking, really painful family trauma, personal trauma,” Fowler says, adding that some of the files were audio and videos of patient sessions. “It’s almost like having your deepest darkest secrets that you’ve told your diary revealed, and it’s things that you never want to get out.”

    Alongside the medical files in the exposed database were administration and verification documents, including copies of driver’s licenses, ID cards, and insurance cards, Fowler says. The logs also contained indications that some data is collected by chatbots or artificial intelligence, making references to prompts and AI responses to questions.

    Confidant Health quickly shut off access to the exposed database after Fowler contacted the company, he says. The researcher, who alerts companies to exposed data and does not download any of it, says a proportion of the 120,000 files that were exposed had some form of password protection in place. Fowler says he reviewed around 1,000 files to verify the exposure and determine the source of the data so he could alert the company. He says it is unusual that an exposed database would include both locked and unlocked files.

    In a statement to WIRED, Confidant Health cofounder Jon Read says the company takes security concerns seriously and “take[s] issue with the sensational nature” of the findings. Read says once the company had been notified of the “improper configuration,” access to the exposed files was “fixed in less than an hour.”

    Share. Facebook Twitter Pinterest LinkedIn WhatsApp Reddit Email
    Previous ArticleThe OnePlus Watch 2, one of our top Android smartwatch picks, hits its best price
    Next Article Spotify is testing a new way to keep kids songs out of your listening history

    Related Posts

    Don’t Fall for Sketchy iPhone VPNs—Here Are the Only 3 You Should Use

    October 18, 2025

    A New Attack Lets Hackers Steal 2-Factor Authentication Codes From Android Phones

    October 16, 2025

    North Korean Scammers Are Doing Architectural Design Now

    October 16, 2025

    ICE Wants to Build Out a 24/7 Social Media Surveillance Team

    October 14, 2025

    Satellites Are Leaking the World’s Secrets: Calls, Texts, Military and Corporate Data

    October 14, 2025

    ‘Happy Gilmore’ Producer Buys Spyware Maker NSO Group

    October 14, 2025
    Our Picks

    How ByteDance Made China’s Most Popular AI Chatbot

    October 20, 2025

    SpaceX launches 10,000th Starlink internet satellite

    October 20, 2025

    Major AWS outage takes down Fortnite, Alexa, Snapchat, and more

    October 20, 2025

    X is changing how it handles links to try and keep you in the app

    October 19, 2025
    • Facebook
    • Twitter
    • Pinterest
    • Instagram
    • YouTube
    • Vimeo
    Don't Miss
    News

    X is launching a marketplace for inactive handles

    By News RoomOctober 19, 2025

    Premium Plus and Premium Business users will soon be able to browse and request inactive…

    Time to catch ‘em all again

    October 19, 2025

    The Sony Watchman was must-see TV

    October 19, 2025

    This weekend is your last chance to get a month of Disney Plus starting at $9.99

    October 19, 2025
    Facebook X (Twitter) Instagram Pinterest
    • Privacy Policy
    • Terms of use
    • Advertise
    • Contact
    © 2025 Technology Mag. All Rights Reserved.

    Type above and press Enter to search. Press Esc to cancel.