Medical Data is such a significant target for the attackers. The data is able to be bundled together or separated to be sold, dependent on the type of data and the potential markets on the dark web.
Yet another example of this was reported in May 2018. LifeBridge Health appears to have been targeted and compromised. It appears the compromise of 500k patient records occurred on September 27, 2016. This was detected in March 2018. Thus it took approximately 1.5 years for the business to realize they had been targeted, recon had occurred, and the system was compromised. This was not noted by the business or its InfoSec Department, but after a forensic firm had been hired. The data probably exfiltrated was patient names, addresses, birth dates, insurance information, and the gemstone of the patient’s social security number.
Although the press release states the business takes protecting the patient’s data very seriously, as these all do, the breach and also compromise timeline is problematic. The patient’s data was exposed on the dark web for sale and abuse for up to 1.5 years. The InfoSec team should have been able to notice the traffic moving the data from the business.
About the Author - Charles Parker, II has been working in the info sec field for over a decade, performing pen tests, vulnerability assessments, consulting with small- to medium-sized businesses to mitigate and remediate their issues, and preparing IT and info sec policies and procedures. Mr. Parker’s background includes work in the banking, medical, automotive, and staffing industries.
Share on Facebook
Share on Twitter
I'm busy working on my blog posts. Watch this space!