ADVERTISEMENT

Over 320K Medicare applications exposed, revealing patients’ health data

Insurance brokerage firm Oberlin Marketing has left an open bucket leaking hundreds of thousands of sensitive documents, including customer health condition status and financial info.

Medicate applications leak

Image by Cybernews.

Vilius Petkauskas
Vilius Petkauskas Deputy Editor
Mar 18, 2025 Updated: 18 March 2025 2 min read
“If data like personal information or health records were exposed, Medicare beneficiaries, often older and potentially more vulnerable to scams, could be at a higher risk for fraud, identity theft, and other cyber threats.”

What data did Oberlin Marketing leak?

  • Names
  • Home addresses
  • Dates of birth
  • Genders
  • Phone numbers
  • Signatures
  • Health information
  • Financial details
ADVERTISEMENT

Why are Oberlin Marketing’s customers in danger?

Gintaras Radauskas Niamh Ancell Ernestas Naprys Jurgita Lapienyte
Stay informed and get our latest stories on Google News
Add us as your Preferred Source on Google.
  • Change the access controls to restrict public access and secure the bucket. Update permissions to ensure that only authorized users or services have the necessary access.
  • Retrospective monitoring of access logs to assess whether the bucket has been accessed by unauthorized actors.
  • Enable server-side encryption to protect data at rest.
  • Use AWS Key Management Service (KMS) for managing encryption keys securely.

  • Leak discovered: October 20th, 2025
  • Initial disclosure: January 28th, 2025
  • CERT contacted: February 18th, 2025
ADVERTISEMENT