Health Data theft: Red Alert!
Health data and electronic records thefts: booming cybercrime!
The security of personal health data is quintessentially the growth challenge of any health information system. With digitization reaching full-fledge stage and linking all parts of the health systems, risks commensurate with the fragility and limitations of IT-intensive information systems appear, leading to malevolent thefts of data.
Your Decide Hub informed you of such attempts to steal massive amounts of health data, electronic health records or to bring disruption to health data management systems (click here for our blog entry “Healthcare: a cyber battlefield of choice?” published earlier in February 2021).
The French umbrella organization overseeing hospitals in the Paris recently admitted that data pertaining to approximately 1.4 million people were stolen when stored on a temporary shared platform used by the National health insurance Fund and the health authorities.
A platform used for COVID-19 tests, it clearly offered a weak point of entry into the health information system and led health authorities to look into the necessary strengthening of their digital tools (click here to read more – article in French).
In addition, a new cybercrime hit the United Kingdom this week with an incredible impact, with millions of health data unveiled on the dark web. What happened exactly?
Highly sensitive medical records including details of abortions, HIV tests and mental health issues have been leaked online after a major cyber attack.
Russian hackers targeted Stor-A-File, a British data storage company whose clients include GP practices, NHS hospital trusts, local councils, law firms and accountants.
The gang demanded a £3million ransom in Bitcoin cryptocurrency, but when Stor-A-File refused, the hackers dumped tens of thousands of files on to the ‘dark web’, a secretive part of the internet used by criminals and terrorists.
Given the scope of the theft (which overlapped with confidential MoD related data), national crime agencies and other law enforcement and intelligence agencies are tracking the group of hackers which call themselves “Clop” or “Fancycat” and is suspected of large-scales operations.
To read more about this: click here.
The concern remains that the confidentiality of personal information, in particular health data, cannot be guaranteed and offers vulnerability to malevolent outsiders. One is reminded of the old meme underlining “there is no cloud. It is just someone else’s computer”.