.png?width=1816&height=566&name=brandmark-design%20(83).png "Tech Channels - IT News, Resources & Insights")
Healthcare has an IoT breach problem. But so do organizations in just about every sector–thanks in large part to “things” that are connected unattended, unpatched and unnecessarily to public networks, as Modat recently found.
When Modat’s cybersecurity team began scanning the internet for exposed medical equipment, they expected to find some weaknesses, instead their search exposed a trove of issues. One million healthcare IoT devices, including MRI scanners, X-ray systems, blood analyzers, and ophthalmology instruments, were broadcasting sensitive data to the open internet. The leaked files were not anonymised datasets or partial records; they included full patient identities, diagnostic scans, and lab results, often stored together in a way that made them instantly exploitable.
Most of these systems were simply online by default, connected to public networks without a legitimate operational need. Many still ran on outdated software that no one dared to patch for fear of interrupting critical services.
It’s easy to dismiss this as a healthcare problem. It’s not. It’s an IoT problem, it’s actually everywhere. The pattern is painfully familiar across industries. Devices ship with internet connectivity switched on by default. Passwords like “admin” and “123456” are never changed. Witness the recent exposure of the data of hundreds of thousands of McDonald’s job applicants on the McHire site, all because credentials from an admin account associated with a recruitment bot were set to “123456.” Software updates are skipped because taking a system offline feels too disruptive. In hospitals, that means risking patient safety; in manufacturing, it can mean halting an entire assembly line; in logistics, it can expose fleet tracking data that maps every high-value shipment in real time.
The scale was global. The United States alone had over 174,000 exposed devices. South Africa, 172,000. Even technologically advanced nations like Germany, Japan, and the UK appeared high on the list. For patients, the fallout could be life-changing—blackmail over a diagnosis, targeted fraud, or something far more insidious: quiet manipulation of medical records. Imagine your prescription dosage doubled or lab results altered without anyone noticing.
And the danger isn’t just theft. Modat’s CEO, Soufian El Yadmani, warns that manipulation is the bigger nightmare. In healthcare, that could mean altering a patient’s dosage instructions. In energy, it could mean subtly changing readings in a power grid monitoring system. The attacker’s goal doesn’t have to be to break something outright. The more sophisticated, and often more damaging, strategy is to feed decision-makers the wrong information and let the system undermine itself.
This is the paradox of IoT security: the weakest link is rarely the system everyone is watching. It’s the one hidden in plain sight, humming away on the network without patches, oversight, or authentication. Once compromised, that single neglected endpoint can be leveraged to map the network, harvest credentials, or pivot into mission-critical systems, bypassing defences that were designed to stop a direct assault.
IoT systems feed directly into automation, decision-making, and safety protocols. Manipulate the data and you manipulate the system. In critical environments, that can mean real-world harm. Change the data, and you change what the syste m sees. Change what it sees, and you change what it does.
Connectivity without layered security is essentially an unlocked side door. Every device, no matter how inconsequential it appears, can serve as an access point into the wider network. The weakest link is rarely the most obvious. It’s often the one no one bothers to guard because “it’s just a sensor” or “it’s just a monitor.” Yet that single overlooked endpoint can be the foothold from which attackers bypass the most fortified defences.
