Medical imaging still runs on a protocol older than the modern web. As hospitals move it to the cloud, tens of millions of patient records are ending up exposed on the open internet, and, in many cases, open to tampering.
What We Found
Over more than six months, we scanned the entire internet for exposed DICOM servers. The picture that emerged:
- 3,806 DICOM servers reachable from the public internet, across 111 countries.
- 1,159 of them are leaking data, exposing more than 59 million patient records.
- Of those records, 16.1 million contain personally identifiable information (name, date of birth, address, phone number, gender, and in some cases Social Security number), and 43.5 million contain protected health information (examination results, dates, referring physician, imaging type).
- Over 73% of the exposed servers are hosted on major clouds such as AWS and Azure, or reachable over a simple DSL line.
- Fewer than 1% enforce effective access control.
It's worth being clear about what this is: no exploit, no malware, no breach in the traditional sense. Much of this data is simply sitting there, reachable by anyone who knows where to look.
Why It's Happening
DICOM (Digital Imaging and Communications in Medicine) has been the backbone of medical imaging for over 30 years. Its most recent core version dates to 1993, and it was designed for a world where imaging devices, viewers, and storage all lived inside one closed hospital network.
Large institutions have moved their imaging to the cloud, and smaller imaging centers (often without dedicated IT or security staff) have followed to keep up, frequently by connecting on-premises systems straight to the internet.
A protocol built for a trusted local network is now exposed to a hostile global one.
DICOM has added security features over the years, but because they are optional, most vendors and operators never turn them on.
Attackers Can Do More Than Read
Leaked identity and health data is a ready-made resource for identity theft, extortion, and highly convincing phishing. But our research uncovered a second, less obvious risk.
Because most servers don't authenticate requests, an attacker can not only retrieve images and records but can also alter them.
Using the protocol's own storage function, an attacker can pull an existing image series, craft a new image that matches its identifiers, and inject it back in. That forged image is then served to clinicians as part of the legitimate record.
The consequences are hard to overstate: an attacker could corrupt a study, or introduce false signs of illness into a real patient's scan. We found roughly 39 million records sitting on servers that allow this kind of tampering.
Why The Exposure Stays So High
The root cause is authentication.
Only around 23% of internet-facing DICOM servers have any authorization enabled at all, and more than 85% of those rely on a default or easily guessed identifier (the Application Entity Title), which we were able to bypass using a dictionary built from vendor documentation and common values.
On top of that, many implementations carry classic software flaws, including SQL injection reachable through a standard DICOM query.
What Healthcare Organizations Should Do
None of this requires replacing DICOM or waiting for the standard to evolve. In priority order:
1. Take DICOM off the public internet. It should never be directly reachable from outside. For remotely hosted servers, tunnel the connection over a secure channel such as IPsec, and routinely scan for exposed assets on TCP ports 104, 11112, and 4242.
2. Segment the network. Place DICOM on a dedicated, isolated segment. Let imaging devices reach it over DICOM, but route all user access through DICOMweb behind a web application firewall.
3. Enforce real access control. Restrict connections to known device IP addresses, use randomized (non-default) identifiers, and integrate DICOMweb with your identity and access management. For any remote access, require IAM, rate limiting, and regional IP allowlisting.
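As an added example (not code from the original article), the following Python gate shows what steps 1 and 3 look like at the protocol level, and also illustrates the weak-identifier problem described under "Why The Exposure Stays So High": it parses the first PDU of an inbound DICOM association (A-ASSOCIATE-RQ), extracts the Called and Calling AE Titles, and accepts the connection only if the source IP and AE Title pair match a registered device and the local AE Title is not short or guessable. The policy table, AE Titles, IP ranges and the strength heuristic are constructed assumptions, not values from the article.

```python
# Added example: a defender-side association gate for DICOM.
# All IPs, AE Titles and the policy below are constructed sample values.
import struct
from ipaddress import ip_address, ip_network

# Hypothetical policy: (source network, calling AE, called AE) triples that
# correspond to registered imaging devices. Everything else is refused.
ALLOWED = {
    ("10.20.0.0/24", "CT1-Q7F3KX9P", "PACS-B4M2ZT8R"),
}
MIN_AE_LEN = 8  # local policy: shorter titles are treated as guessable


def parse_associate_rq(pdu: bytes):
    """Return (called_ae, calling_ae) from an A-ASSOCIATE-RQ PDU, else None."""
    # PDU header: type(1) reserved(1) length(4, big-endian); the fixed part
    # of the body is version(2) reserved(2) called(16) calling(16) reserved(32)
    if len(pdu) < 74 or pdu[0] != 0x01:
        return None
    (length,) = struct.unpack(">I", pdu[2:6])
    if length < 68 or length + 6 > len(pdu):
        return None
    called = pdu[10:26].decode("ascii", "replace").strip()
    calling = pdu[26:42].decode("ascii", "replace").strip()
    return called, calling


def ae_title_is_weak(title: str) -> bool:
    """Local heuristic: too short, or letters only (dictionary-style), is weak."""
    return len(title) < MIN_AE_LEN or title.isalpha()


def should_accept(src_ip: str, pdu: bytes) -> tuple:
    """Decide whether to accept an inbound association; returns (ok, reason)."""
    parsed = parse_associate_rq(pdu)
    if parsed is None:
        return False, "malformed or non-A-ASSOCIATE-RQ PDU"
    called, calling = parsed
    if ae_title_is_weak(called):
        return False, f"called AE Title '{called}' fails local strength policy"
    addr = ip_address(src_ip)
    for net, ok_calling, ok_called in ALLOWED:
        if addr in ip_network(net) and (calling, called) == (ok_calling, ok_called):
            return True, "registered device"
    return False, f"no registered device for {src_ip} {calling}->{called}"


def build_associate_rq(called: str, calling: str) -> bytes:
    """Build a minimal A-ASSOCIATE-RQ (constructed test input, no presentation contexts)."""
    body = (struct.pack(">HH", 1, 0) + called.ljust(16).encode()
            + calling.ljust(16).encode() + b"\x00" * 32)
    return bytes([0x01, 0x00]) + struct.pack(">I", len(body)) + body
```

In production the same decision belongs in front of the listener (firewall rule plus the SCP's own AE Title check), with every refusal logged so repeated attempts from unknown sources show up in monitoring.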
The Bigger Picture
Legacy protocols like DICOM aren't going away. The equipment is expensive, long-lived, and central to patient care. But "we've always run it this way" stops being acceptable the moment that protocol touches the internet.
The exposure we measured is growing, not shrinking, and every new record added to an unprotected server is another patient put at risk.
If your organization relies on DICOM, the most useful first step is simply knowing what's exposed. That is exactly the kind of assessment we do, and it is usually the difference between finding these gaps yourself and having someone else find them for you.
Key Takeaways
- The exposure is huge. More than 3,800 internet-facing DICOM servers across 111 countries are leaking more than 59 million patient records; no hacking required.
- Attackers can tamper, not just read. Around 39M records sit on servers that let an attacker inject false images or findings into a real patient's scan.
- The built-in protections are almost never used. Fewer than 1% of exposed servers enforce effective access control.
- Fix #1: Get DICOM off the public internet. It should never be directly reachable; isolate it on a dedicated, segmented network.
- Fix #2: Control every path in. Route clinicians through DICOMweb behind a web application firewall and your IAM, and restrict device access to known IPs. None of this requires a change to the DICOM standard.