$3.5 Billion Startup Exposed Hospital’s Data Without Permission

Tanium Inc., a cybersecurity startup, recently discovered that it had been inadvertently exposing the information of a nonprofit community hospital in Santa Clara County, California. The hospital, El Camino Hospital, had previously been a client of Tanium Inc. and had had their software installed on their network. Tanium has been using the hospital’s network as part of a demo to pitch its software to potential clients. The young company’s success has been attributed to this demo, its reach of a valuation of $3.5 billion, and a very generous investment from Andreessen Horowitz, a prominent venture firm based in Silicon Valley.

However, “the hospital did not authorize desktop management data or other information to be used in any product demonstrations and was not previously aware of these demonstrations or videos,” according to a spokesman of El Camino Hospital. The demonstrations—which have been used from as early as 2012 to mid 2015 and uploaded online by Tanium and its resellers—have exposed the weaknesses of El Camino Hospital’s private network, including security vulnerabilities, any versions of antivirus software that might be outdated, server and computer names, and personnel information. Tanium has said in a statement that “in the early days of our company, Tanium periodically demoed our product using a live customer environment, to which the customer had provided us remote access, but we recognize that we did not go far enough to ensure that particular customer’s operational information was sufficiently anonymized.”

While highly unprofessional, Tanium is not the only tech startup that has been unethically trying to speed up their growth. The CEO of Zenefits, a health-benefits broker, was found last year to have written software that would be able to allow brokers to complete the insurance-license qualification course in much less time than allowed by New York state law. After immense pressure for the CEO to step down, the company has laid off two-third of its staff and cut its valuation in half.

These two companies have shown what has become more and more obvious in the tech startup industry in recent years—that a company that grow too quickly can be just as much of a failure as a company that grows too slowly.

Read more here:



Photo: https://www.scmagazine.com/security-firm-in-hot-water-after-exposing-hospital-data-in-demos/article/651757/