Nature: Membership Inference Attacks Achieve Near-Perfect Success at Identifying Patients in Medical AI Training Sets — Underrepresented Groups at Highest Risk

A paper published in Nature on June 24 demonstrates that discriminative medical AI models—trained on images, ECGs, EHRs, and blood tests—are vulnerable to membership inference attacks that achieve near-perfect success at identifying whether a specific patient's data was included in training. Attackers need only partial records such as blood test results to infer a patient's inclusion, with individuals from underrepresented groups in training cohorts at disproportionately high risk. Standard aggregate privacy evaluations used by healthcare AI developers miss these individual-level exposures entirely, the researchers warn.