Security researchers at Mindgard found that Doctronic, a healthcare AI with prescription management capabilities, can be easily manipulated through prompt injection attacks. By simply telling the AI that a session hasn't started, attackers can extract system prompts and override its behavior, causing it to spread medical misinformation and fake COVID conspiracies or to modify prescription recommendations. A particularly concerning exploit involves tricking the AI into generating manipulated SOAP notes (clinical records reviewed by human doctors) that could lead to inflated drug prescriptions. Doctronic is currently part of a Utah state pilot program, though officials say controlled substances are excluded and additional safeguards exist. Mindgard reports Doctronic has not confirmed the vulnerabilities are fixed.