Healthcare startup Lyfebin exposed thousands of medical imaging files, such as X-rays, MRI scans and ultrasounds.

The Los Angeles-based healthcare startup allows doctors and medical staff to store medical images in its &secure environment,& per its website, allowing patients and doctors access from anywhere.

But the files were found stored in an unprotected Amazon Web Services (AWS) storage bucket, without a password, allowing anyone who knew the easy-to-guess web address access to the data.

The files were dated between September 2018 to October 2019.

After we reached out to warn of the security lapse, Lyfebin secured the data.

The storage bucket contained more than 93,000 files — many appeared to be duplicates — containing medical scans. The files were stored in the DICOM format, a common file type used by medical imaging equipment. When opened, DICOM files contain the images from the scan as well as other metadata, such as the patientdate of birth and the name of the physician.

When asked, Lyfebin wouldn&t say how many individual patients were affected. Instead, an unnamed company spokesperson claimed that the bucket was a &test environment where we use fake accounts and fake patient accounts to test out new features,& but provided no evidence to support the claim. (We asked several times for the spokespersonname, but the company representative stopped returning our emails.)

Healthcare startup Lyfebin exposed medical images

One of the scans found in the exposed storage bucket

&When we ingest patient information into our servers, we remove all identifying information,& the unnamed spokesperson said. &No patient information has been exposed,& they added.

Many of the files appeared to be anonymized to some degree, though we found evidence of some potentially identifiable information — including physician names and the patientgender and date-of-birth, even if the patientname had been scrambled from the filecover sheet.

One file we examined still contained a name. The file had enough identifiable information to allow us to search for the person using public records. When reached, the person could not recall the specific date of their scan.

When asked to clarify, the unnamed spokesperson repeated the claim that the data contained &fake patient information,& thenthreatened TechCrunch with legal action.

&If published, our legal team will review your article for any inaccuracies and will sue with the highest extent of the law for any malfeasance by you or TechCrunch,& the spokesperson said.

Lyfebin did not answer our other questions, including how long the bucket was exposed. The company would not say if the company plans to inform customers of the security lapse, nor would it say if it planned to disclose the incident to local authorities per state data breach notification laws.

Read more:

  • Over 750,000 applications for US birth certificate copies exposed online
  • Sprint contractor left thousands of US cell phone bills exposed
  • Tuft - Needle exposed thousands of customer shipping labels
  • StockX was hacked, exposing millions of customers& data
  • Stop saying, ‘We take your privacy and security seriously&

Write comment (100 Comments)
Ripple raises $200 million to improve global payments

Ripple has raised a $200 million Series C funding round. Tetragon is leading the round, with SBI Holdings and Route 66 Ventures also participating. According to Fortune, the company is now valued at $10 billion.

&We are in a strong financial position to execute against our vision. As others in the blockchain space have slowed their growth or even shut down, we have accelerated our momentum and industry leadership throughout 2019,& Ripple CEO Brad Garlinghouse said in the announcement.

The startup has been focused on improving cross-border payments and other money-transmitting activities using XRP, a cryptocurrency that has its own blockchain, the XRP Ledger. The total market capitalization of XRP tokens is currently the third-largest cryptocurrency market capitalization behind bitcoin and Ethereum.

It is currently worth $8.4 billion according to CoinMarketCap. While XRP is a decentralized cryptocurrency, Ripple controls a significant chunk of the total market cap. That reserve is valuable by itself. During the third quarter of 2019, Ripple sold $66.24 million in XRP tokens.

Ripple believes that cryptocurrencies (and XRP in particular) could be a great way to facilitate cross-border transactions. It has the potential to be both cheaper and faster than traditional foreign exchange solutions.

The company has been trying to convince financial institutions to switch to RippleNet as the back-end currency for international payments.

RippleNet now has 300 customers. In particular, Ripple took a 10% stake in MoneyGram to help them switch to RippleNet, at least in part.

Write comment (90 Comments)

Burst, the subscription dental care service, with the pretty, pretty toothbrushes, has now added a sleek dental floss product to its monthly kits.

The Los Angeles-based dental hygiene company, which has raised at least $20 million in financing from the growth capital investment firm Volition Capital, takes a different approach to reaching consumers than competitors like Quip.

Burst works hand-in-hand with a network of dental hygienists and dental professionals both as a channel to sell through and a sounding board for new product development. The companydental health professionals who are part of its sales channel now totals more than 20,000 people. Burst shares profits with these channel partners and has distributed about $3.5 million through the program.

Indeed, it was through the network of experts that the company arrived at the design for its dental floss.

&While there was a clear gap in the market for an affordable but effective electric toothbrush, our incredibly strong partnership with dental professionals has been key to the success of Burst,& said Brittany Stewart, COO of Burst. &From development and testing, to sharing our products with their network, BurstAmbassadors have been part of the team every step of the way. We&re proud to have fueled a grassroots movement of independent dental professionals who are just as passionate as we are about modernizing a tired industry.&

The new product is a $12.99 mint-eucalyptus-flavored, charcoal-coated dental floss that expands between teeth. Burstfloss comes in a case for replacement bobbins, which can be delivered to a customerdoor for $6.99 per month.

&When we first met the founders of Burst, we immediately recognized they were tapping into something special in an industry that was ripe for disruption,& stated Larry Cheng, managing partner and co-founder of Volition Capital. &We were inspired by their vision and wanted to support the growth trajectory they were already on, capitalizing on their key strengths, such as product development and the Ambassador network, while identifying further opportunities.&

Burst adds a super high-tech dental floss to its dental care offerings

Write comment (93 Comments)

Hello and welcome back toEquity, TechCrunchventure capital-focused podcast, where we unpack the numbers behind the headlines.

This week Kate was in SF, Alex was in Providence and there was a mountain of news to shovel through. If you&re here because we mentioned linking to a certain story in the show notes, thathere. For everyone else, letget into the agenda.

We kicked off with a look at three new venture funds. In order:

  • Tusk Ventures: Tusknew fund, worth $70 million, is an effective doubling of its prior fund$36 million size. The politically savvy firm has put money into Coinbase, and other companies that deal with regulated industries.
  • Sapphire Ventures: SAPformer corporate venture fund Sapphire Ventures announced a whopping $1.4 billion fundraise this week. Sapphire may be one of or the most successful CVC spinouts to date.
  • Moxxie: Katie Jacobs Stanton, known for co-founding #ANGELS, just closed her debut fund on $25 million. Kate chatted with her about her experience fundraising her very own fund, some of her previous investment and her plans for Moxxie Ventures, so there was plenty to unpack here.

From there we turned to the gender imbalance in the world of venture capital. This year, companies founded by women raised only 2.8% of capital. These not-so-stellar statistics are always worth digging into.

We then took a quick look at two different venture rounds, including ProdPerfect$13 million Series A and Peppersmaller $5.6 million round. ProdPerfectround was led by Anthos Capital (known for investing in Honey, which sold for $4 billion). The company has $2 million in ARR and is growing quickly. Pepper, formed by former Snap denizens, is working to help other startups lower their CAC costs in-channel. Smart.

And finally, Alex wanted to bring up his series on startups that reach the $100 million ARR threshold (Extra Crunch membership required). A first piece looking into the idea led to a few more submissions. There seem to be enough companies to name the grouping with something nice. Centurion? Centipede? Centaur? We&re working on it.

Equity drops every Friday at 6:00 am PT, so subscribe to us onApple Podcasts,Overcast,Spotify and all the casts.

Write comment (92 Comments)
BoeingStarliner crew spacecraft won&t dock with Space Station as planned after missing target orbit

BoeingStarliner CST-100 crew spacecraft got off to a great start on its first-ever launch to the International Space Station this morning — but despite the rocket and launch vehicle performing as expected, the Starliner spacecraft itself hit a bit of a snag when it came time for its own post-launch mission to begin.

The Starliner capsule successfully separated from the ULA Centaur second-stage rocket that brought it to its sub-orbital target in space, but when the Starliner was supposed to light up its own engines and propel itself to its target orbit, the requisite burn didn&t happen. Boeing instead said that the spacecraft achieved a stable position to charge up its solar-powered batteries, and that it was working on the ground with its team to figure out which maneuvers come next to get the spacecraft where it needs to be.

NASA Administrator Jim Bridenstine provided via Twitter at 8:45 AM EST the first substantial update about what went wrong, noting that there was an incident wherein the Starliner spacecraft &believed it was in an orbital insertion burn, when it was not.&

This means its mission clock encountered some kind of bug or error that told the Starliner systems it was at a different point in the mission procedure than it actually should&ve been. As a result, the spacecraft burned more fuel than it was supposed to and missed its intended orbital insertion point. The Starliner has subsequently done a second burn and is in a stable orbit, but it is no longer capable of reaching the International Space Station as planned.

At a press conference that kicked off around 9:38 AM EST, the NASA administrator kicked off remarks by noting that &a lot of things went right& in todaymission, regardless of the problems encountered.

&When the space craft separated from the launch vehicle, we did not get the desired orbital insertion burn that we were hoping for,& he continued, noting again that the spacecraft believed it was at a different stage in the mission than it actually was. Once ground control was able to send a manual command to correct it, it was &too late& to salvage the full mission of actually reaching the Space Station as planned because too much propellant was already burned.

Bridenstine also speculated that were NASA astronauts actually on board, they would &absolutely& have &been safe,& and that they probably could&ve assisted and overcome the automation error encountered via manual control to save the mission.

ULA CEO Tory Bruno explained that this was a fully successful launch from the perspective of the Atlas V launch vehicle, which flew in a different configuration than usual for the first time, so they consider it a win for their perfect launch record, having &literally hit a bullseye& for their target mission parameters.

&It appears that the vehicle was using a mission elapsed timer that was not the mission elapsed timer that the mission was on,& explained Boeing Senior Vice President of Space and Launch Jim Chilton. &We don&t know why that happened.&

The Starliner is currently in an orbit that will allow it to turn back to Earth in 48 hours, which Bridentstine and Chilton said in itself will be an important test of the landing system. Once on the ground, teams will be better able to figure out what happened on board the spacecraft with the Mission Elapsed Timer (MET) error.

As for what this means for the overall Boeing Commercial Crew mission, and whether this will impact the timing and sequence of the crewed flight test that was supposed to take place next, all parties say ittoo early to tell and they&ll need to do more investigation into what happened before determining whether therea need for another full orbital flight test before putting crew on a first test launch.

Write comment (90 Comments)

The Midwest may not be known as the fashion capital of the world (or even the U.S.), but its place in the consumer retail firmament is secure through L Brands and its VictoriaSecret and Bath - Body Works subsidiaries.

Now, venture investors are investing $17.3 million to establish another tent-pole clothing brand in the region, with a new commitment to the St. Louis-based clothing brand Summersalt.

St. Louis-based Summersalt raises $17.3 million for its direct-to-consumer clothing line

Founded by a former Washington University design professor and swimwear designer, Lori Coulter, and a marketing and branding consultant, Reshma Chattaram Chamberlin, Summersalt launched in 2017 with a line of direct-to-consumer swimwear.

In the past two years, the company has expanded beyond its $95 swimsuits to include cashmere sets, packable jackets and wrinkle-free pants.

Initially backed by the Rise of the Rest Seed Fund, backed by AOL founder Steve CaseRevolution investment fund, the company has gone on to attract capital from Founders Fund, Lewis and Clark Ventures and Victress Capital .

The latest round was led by Mercato Partners, a Utah-based venture capital firm.

&We could not be more thrilled with the opportunity to lead Summersaltlatest funding found, and partner with two passionate founders who have a clear vision, are mission driven and have a track record for accelerated performance,& said Joe Kaiser, a director with Mercato Partners, in a statement. &The product, brand, team and the incredible consumers make for a winning combination.&

Summersalt calls its line of clothing &travel wear& and used its footprint in the swimsuit market to expand its reach with other items that could be taken on trips to less-sun-drenched parts of the world.

&We are building a generation defining travel brand that goes beyond swimwear and apparel to create a community of curious women who love to explore,& said Coulter, the companypresident and chief executive in a statement. &Our unparalleled experience in apparel, deep supply chain expertise and fit-technology will be at the foundation as we continue to scale and build a brand with highly profitable unit economics.&

Write comment (93 Comments)