- Cybernews researchers find an unsecured Mongodb database containing millions of records and dental users meetings
- It most likely belonged to a “dental marketing specialist” agency
- Users should be on guard against possible attacks
A massive database containing personally identifiable information and other files belonging to millions of American citizens was sitting unprotected on the Internet, easily available for anyone who knew where to look, the experts warned.
Cybersecurity researchers at Cyberness discovered the archives at the end of March 2025, noting that it contained approximately 2.7 million patient profiles and 8.8 million appointments.
The data included the names of people, birth dates, emails, postal addresses, telephone numbers, gender information, graphic identifiers, linguistic preferences, billing details and appointment files (including patient metadata, horoditing and institutional references).
Gargle
CYBERNEWS could not confirm its owner, but says that “buried databases” Point to Gargle, a digital marketing company that is described as “dental marketing specialists”, offering services such as websites, referencing, content marketing, PPC management and creation of ads.
“Although it is not a health care provider itself, the Gargle’s business model is based on patient infrastructure management and, in this case, possibly patient data,” said Cybernews.
Other details are rare – we do not know if Gargle has really managed the database or if a third party did. We also do not know for how long the archives remained unlocked, and if malicious actors found it before the Cybernews – although we know that it was locked the same day, it was discovered.
The non -guaranteed databases remain one of the most common causes of data leaks. Many security researchers warn that organizations do not understand that cloud safety is working on a shared liability model.
