Close Menu
TechTost
  • AI
  • Apps
  • Crypto
  • Fintech
  • Hardware
  • Media & Entertainment
  • Security
  • Startups
  • Transportation
  • Venture
  • Recommended Essentials
What's Hot

Startup Battlefield Australia application closes in days: Apply before 6 July

Wayve launches $85M employee offering at $8.5B valuation

The DeepMind trio that created a poker AI is now making money for quantitative hedge funds

Facebook X (Twitter) Instagram
  • About Us
  • Contact Us
  • Privacy Policy
  • Terms and Conditions
  • Disclaimer
Facebook X (Twitter) Instagram
TechTost
Subscribe Now
  • AI

    The “Father of the Internet” is finally retiring

    1 July 2026

    Amazon launches new $1 billion FDE organization, following OpenAI and Anthropic

    30 June 2026

    The AI ​​jobs debate just got more confusing

    30 June 2026

    Robot hand company settles Tesla trade secret, announces $11 million raise

    29 June 2026

    OpenAI restricts GPT-5.6 release at government request, says restrictions shouldn’t be the norm

    29 June 2026
  • Apps

    Acti puts AI agents directly on your smartphone keyboard

    1 July 2026

    X now offers an MCP server to make its platform easier for AI tools to use

    30 June 2026

    Gemini’s personalized AI image creation is now free for US users

    30 June 2026

    TIDAL is fighting AI music, cutting off monetization

    29 June 2026

    TikTok’s road to becoming a super app

    26 June 2026
  • Crypto

    Crypto Exchange OKX wants AI agents to hire and pay each other

    30 June 2026

    Startup Battlefield 200 applications close today

    27 May 2026

    5 days left: Save up to $410 on Disrupt 2026 passes

    25 May 2026

    As crypto cools, a16z crypto raises $2.2 billion in capital

    6 May 2026

    Coinbase to lay off 14% of staff as part of broader restructuring

    5 May 2026
  • Fintech

    India’s payments chief believes artificial intelligence will play a big part in the next era of digital payments development

    28 June 2026

    Early Bird pricing ends tonight for the Founder Summit

    26 June 2026

    4 days left to save up to $190 on Founder Summit 2026

    23 June 2026

    Robinhood’s note on 10% layoffs shows that blaming AI doesn’t cut it

    17 June 2026

    Anthropic’s latest spat with the Trump administration may actually help it, sales figures suggest

    17 June 2026
  • Hardware

    Flipper’s new Busy Bar is a customizable display for productivity

    30 June 2026

    South Korea’s tech giants pledge over $550 billion to ease ‘RAMageddon’

    30 June 2026

    Pocket raises $11M in bet on growing demand for AI note-taking devices

    29 June 2026

    Govee’s smart nugget ice maker makes every frozen drink feel like luxury

    28 June 2026

    Apple Raises Mac and iPad Prices, Saves iPhone for Now

    26 June 2026
  • Media & Entertainment

    Watch out, Amazon: The Kobo eReader now has a Goodreads rival

    29 June 2026

    YouTube Shorts just got even shorter with an update that lets you double the playback speed

    25 June 2026

    Deezer says its new feature allows fans to remix songs with the artist’s consent

    24 June 2026

    Instagram looks set to take on streaming services with a longer, episodic and live format for its TV app

    22 June 2026

    Spotify’s reserved ticket sales to music superfans are now live

    18 June 2026
  • Security

    In major privacy victory, Supreme Court rules that geo-trafficking warrants are protected by privacy rights

    29 June 2026

    The Klue hack results in a data breach at several cybersecurity companies

    26 June 2026

    Cellebrite said it cut off Russia, but Russia used its tools anyway

    26 June 2026

    Hacked Klue Says Criminals Are Deleting Stolen Customer Data, But Now Other Hackers Are Making Threats

    25 June 2026

    Anthropic says Claude might want to see your ID

    25 June 2026
  • Startups

    Startup Battlefield Australia application closes in days: Apply before 6 July

    1 July 2026

    Clicks shows off its BlackBerry-inspired phone in a new hands-on video

    30 June 2026

    Omen AI’s plan to optimize data centers is all wet

    30 June 2026

    Arena, the AI ​​leaderboard everyone uses, is now a $100 million business

    29 June 2026

    2 days left to save up to $190 on Founder Summit

    28 June 2026
  • Transportation

    Wayve launches $85M employee offering at $8.5B valuation

    1 July 2026

    Blue Origin still doesn’t know why its New Glenn rocket blew up last month

    30 June 2026

    Waymo and Uber are quietly parting ways in Phoenix

    30 June 2026

    TechCrunch Mobility: All eyes on Tesla FSD

    28 June 2026

    Slate Auto’s radically simple electric truck starts at $24,950

    27 June 2026
  • Venture

    The DeepMind trio that created a poker AI is now making money for quantitative hedge funds

    1 July 2026

    Patronus AI lands $50 million to create ‘digital worlds’ that stress-test AI agents

    26 June 2026

    How to invest when everything is moving too fast

    24 June 2026

    After betting the company on Anthropic, Menlo Ventures raises $3 billion in winning capital

    24 June 2026

    Seedcamp Raises $320M for New Fund to Expand US Footprint

    22 June 2026
  • Recommended Essentials
TechTost
You are at:Home»Security»Dental software maker fixes bug that exposed patients’ medical records
Security

Dental software maker fixes bug that exposed patients’ medical records

techtost.comBy techtost.com1 May 202604 Mins Read
Share Facebook Twitter Pinterest LinkedIn Tumblr Email
Dental Software Maker Fixes Bug That Exposed Patients' Medical Records
Share
Facebook Twitter LinkedIn Pinterest Email

Practice by Numbers, the developer of patient management software used in thousands of dental offices, has patched a security flaw that exposed patients’ private health records in a portal that comes with the software, according to TechCrunch.

A patient, Joseph R. Cox, reported the bug to TechCrunch after encountering the problem while looking at his own dental records on the portal, which was offered by his dental office.

This patient portal is part of a dental practice management software created by Practice by Numbers, which claims Its products are used in more than 5,000 dental practices in the United States.

Cox said the bug allowed any user of the portal, which hosts medical documents and patient health records, to access documents belonging to other patients. He said he was able to access other patients’ documents from his account, including their personal information, medical history, photo ID and other records. The bug also meant Cox’s records were equally exposed to other patients.

Cox said he tried to notify the company of the issue via email but did not receive a response. He then notified TechCrunch as a last resort to ask the company to fix the bug.

The bug was extremely easy to exploit by logging into Practice by Numbers’ patient portal. Cox said changing the document number in the web address when uploading one of his documents to the portal allowed users to access other patients’ records.

Worse, Cox said the document numbers on the web address appear to be sequentially incremented, so it could be possible to easily guess the document numbers of other people’s medical records.

Cox told TechCrunch that he had difficulty notifying Practice by Numbers about the issue because the company didn’t offer any distinct avenues to report security issues. The company’s email address on its website was broken, with emails being returned as undeliverable. Instead, Cox sent a message to one of the company’s founders on LinkedIn, but didn’t hear back after sending a follow-up email.

The problem, which has now been fixed, highlights a recent trend in which regular consumers find security flaws in companies’ products or websites, but have no clear way to report the problem to developers.

Earlier in April, fashion retailer Express fixed a website bug that allowed anyone to access other customers’ order details and personal information after a user spotted the error but found no way to notify the company. A similar incident involved Home Depot in December: A security researcher tried to privately notify the company about a security flaw that exposed access to its internal systems for nearly a year, but their reports were ignored until TechCrunch contacted the company.

Since the security flaw was actively putting patient data at risk, TechCrunch notified Practice by Numbers about the issue on April 13. The company took its patient portal down to fix the error and brought it back online on April 17.

Practice by Numbers co-founder and chief technology officer Chris Lau told TechCrunch that the company had patched the vulnerability and was notifying fewer than 10 patients that their information was exposed because of the bug, citing its server logs.

The company said it is working with the affected dental office to notify affected patients. Lau said the company had found no evidence of previous activity related to the bug, suggesting Cox was likely the first to find it.

Cox confirmed that the bug appears to have been fixed.

When asked by TechCrunch, neither Lau nor Practice from Number co-founder and president Rohit Garg would answer whether the company’s patient portal had undergone a security audit before its launch. Companies typically undergo security audits to ensure their products meet cybersecurity standards and are free of common security flaws before customers start using them.

While no software is ever completely bug-free, companies that handle sensitive information, such as healthcare data, typically seek third-party reviews of their code to eliminate any significant security flaws.

When asked if Practice by Numbers plans to update its website to allow security researchers to notify the company of security flaws, such as through a vulnerability disclosure program, Garg said the company plans to update its website to allow users to report security issues. The company did not offer a timeline.

When you purchase through links in our articles, we may earn a small commission. This does not affect our editorial independence.

bug cyber security data breach Dental Exclusive exposed fixes maker medical medical software patients records software
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
Previous ArticleLegal AI startup Legora hits $5.6 billion valuation, and its battle with Harvey just got hotter
Next Article Apple surprised by AI-driven demand for Macs
bhanuprakash.cg
techtost.com
  • Website

Related Posts

The DeepMind trio that created a poker AI is now making money for quantitative hedge funds

1 July 2026

The “Father of the Internet” is finally retiring

1 July 2026

Crypto Exchange OKX wants AI agents to hire and pay each other

30 June 2026
Add A Comment

Leave A Reply Cancel Reply

Don't Miss

Startup Battlefield Australia application closes in days: Apply before 6 July

1 July 2026

Wayve launches $85M employee offering at $8.5B valuation

1 July 2026

The DeepMind trio that created a poker AI is now making money for quantitative hedge funds

1 July 2026
Stay In Touch
  • Facebook
  • YouTube
  • TikTok
  • WhatsApp
  • Twitter
  • Instagram
Fintech

India’s payments chief believes artificial intelligence will play a big part in the next era of digital payments development

28 June 2026

Early Bird pricing ends tonight for the Founder Summit

26 June 2026

4 days left to save up to $190 on Founder Summit 2026

23 June 2026
Startups

Startup Battlefield Australia application closes in days: Apply before 6 July

Clicks shows off its BlackBerry-inspired phone in a new hands-on video

Omen AI’s plan to optimize data centers is all wet

© 2026 TechTost. All Rights Reserved
  • About Us
  • Contact Us
  • Privacy Policy
  • Terms and Conditions
  • Disclaimer

Type above and press Enter to search. Press Esc to cancel.