Cybersecurity Startup Exposed Hospital's IT System Information in Sales Demos
The CEO used a client hospital's network without its knowledge for product demonstrations
Cybersecurity company Tanium is in hot water after it was revealed that it used one of its client's networks without its knowledge during product demonstrations.
The demos exposed live and sensitive information about the hospital's IT systems, information that—until recently—was displayed in videos available to the public. Although the company did not have access to patient information, non-anonymized desktop and server management details were shown in the demos.
Allscripts Healthcare Solutions' El Camino Hospital in California installed Tanium's software in 2010. The hospital is no longer using the company's services.
"The hospital did not authorize desktop management data or other information to be used in any product demonstration and was not previously aware of these demonstrations or videos," stated El Camino Hospital. "We are dismayed to learn that desktop and server management information was shared. We are thoroughly investigating this matter and take our responsibility to maintain the integrity of our systems very seriously."
Tanium promises its clients "15-second visibility and control over any endpoint" on a corporate network. The company's technology provides direct access to system information to let administrators perform several tasks, including identifying possible security vulnerabilities and hacks.