Posted on 06/28/2016 9:00:42 AM PDT by BenLurkin
Three US healthcare organisations are reportedly being held to ransom by a hacker who stole data on hundreds of thousands of patients.
The hacker has also put the 650,000 records up for sale on dark web markets where stolen data is traded.
Prices for the different databases range from $100,000 (£75,000) to $411,000.
...
The organisations that data was stolen from are known to be based in Missouri, Georgia and the midwest. The attacker told Motherboard that he would not name the organisations, to give them a chance to pay up.
The news site said it had checked 30 records on patients from Georgia and in most cases the information listed was confirmed by the people it reached.
Data in the files includes names, addresses and phone numbers as well as social security numbers, insurance information and detailed medical histories.
The information is believed to have been stolen via a vulnerability in software that uses a technology known as the remote desktop protocol (RDP) - many firms use this to let staff log in from home or to let support workers fix IT problems from afar.
(Excerpt) Read more at bbc.com ...
A report from BBC.
Anyone seen reporting on this issue in US NEWS SERVICES ?
But...but...I thought HIPAA protected us from everything!
Perhaps ObamaCare will pick up the bill? Heck, a lawyer could probably pay the $820,000 and turn around and file suit against the health providers - Recovering the cost paid plus their fees plus whatever penalties they could squeeze would make this almost a sure bet. Not to mention the commission LifeLock will give him for every name that continues the service after the free year that the health providers are going to pay for...
“Anyone seen reporting on this issue in US NEWS SERVICES ?”
No, that would be useful. They are instead trying to cover Hillary’s substantial ass.
It does.. Meaningless data like your name, address and social security number aren’t protected like the results of your last colon exam...
What the hell difference does it make. The DC lawyers, politicians, and bureaucrats already stole our personal health information.
Uh, wait... They had an RDP port open to the public 'Net? It's riddled with security vulnerabilities:
https://www.google.com/search?q=rdp+vulnerability
Basic IT security would have put the RDP port behind a firewall, and a VPN required to access the network. And, the VPN would require two-factor authentication for login.
So in what foreign country was their IT?
I will be so glad soon to, once again, see my doc without the f’ing laptop in hand, and not being asked the same set of questions by everyone that walks in the exam room, and not being asked about guns and my happy happy joy joy state!
Bend over, this will only hurt a moment.