I went to a clients business for a computer error and found out all files, information, SSID, and everything on every employee and patient was available at my finger tips and available to all employees. Home address, even some had banking information. That's only part 1. Next, I found out all information transferred between them with personal information was over email. Imagine a doctors office sending you all your information unencrypted over email. No thanks Jeff.
Part 3, their router username/pass (for such a high profile business) was admin/admin. I'm not complaining though, I was paid over $900 for all of this to be fixed, changing how they operate, etc.
Oh, and just about every computer there had some form of virus, some of them having keyloggers because the employees go on websites and games at work. So sending patient information over unencrypted email with keyloggers.
Seems legit. I wonder how other doctors offices are when things like this are going on.
“True hacking is like skydiving, you want to make sure you have arms, because nobody’s going to be there to pull the chute for you.”