AlertSec Xpress

Hacking Incident and Data Breach

April 22nd, 2016

The Pain Treatment Centers of America (PTCOA) and Interventional Surgery Institute (ISI), a healthcare network in Arkansas suffered a potential data breach. The incident came to notice when  a vendor mentioned about hacking incident. According to OCR’s Tool, 19,397 individuals were possibly affected by the data security incident.Backlit keyboard

PTCOA and ISI mentioned that EHR and healthcare practice management tool operated by Bizmatics, a third-party vendor is used by them to manage patient files and contains the medical records of all its patients.

According to the PTCOA notice,“Your patient information is important to us, and we select vendors to help us better manage and secure that information. As such, security is the number one priority for our technology vendors, including Bizmatics.”

Unauthorized outside party accessed Bizmatics data server which stored customer records. Bizmatics collaborated with law enforcement officials and a cyber forensics firm to investigate the the incident. After the audit, Bizmatics mentioned the affected systems are secured.

“We have no reason to believe that our patient files were the target of the hackers’ attack on Bizmatics,” wrote PTCOA and ISI. “Due to the nature of the attack, Bizmatics cannot say for certain that PTCOA’s patient files were among the data that was accessed or acquired by the hacker.”

PTCOA also mentioned following in the statement,

“We are taking this issue seriously and have retained Experian, an industry leader in credit monitoring and identity theft recovery, to help patients monitor this situation in the coming months. We are offering a complimentary one-year membership of Experian’s® ProtectMyID® Alert. “

PTCOA advice following steps to the users –

  • Review your account statements and credit reports and notify law enforcement and us of suspicious activity
  • Consider placing a fraud alert or a security freeze on your credit files
  • Protect your Passwords
  • Fight “phishing” – don’t take the bait

————————————————————————————————————————————————————-

Alertsec is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Ransomware and Data Breach

April 21st, 2016

“Is ransomware considered a health data breach under HIPAA?”. The answer is explored in the recent issue of Forbes magazine by author Dan Munro. He researched healthcare and compliance domains2000px-System-lock-screen.svg

According to the information presented, a ransomware attack should not be considered data breach as per PHI disclosure restrictions in HIPAA. It is more about the message of lax security that’s being broadcast to cyber-criminals around the world. But Dan believes otherwise.

Ransomware attacks should be considered as unauthorized exposures of private information. It is same as the outright theft of the laptop, desktop, or server breach.

Acccording to the records of Office of Civil Rights (OCR) in 2015, there were more than 300 disclosed healthcare breaches. One-third are due to the loss or theft of some piece of equipment like laptop, desktop, server, or other portable electronic device.

The report also states that more than 100 of the disclosed breaches were due to attack like ransomware. The breaches affected more than hundreds of thousands of records.  It is believed that the records under the hands of criminals can cause breach.

HIPAA rules states that the notification letters to be sent to affected individuals because the systems and the PHI are not under control of the healthcare provider.

Ransomware Attacks

Types of Ransomware –

Few attacks takes control of machine and lock it down. This action blocks the access to legitimate users. The system is unlocked only paying after ransom amount and clearly the system is under the control of criminals.

Few attacks involves remote access control by criminal. They awaits the Bitcoin payment to unlock and reconfigure the system.

Common form of ransomware includes a software which encrypts certain important files with certain password. The process includes accessing the files and encrypting and storing the files  in the same place. Once the payment is done, files are unlocked.

Now a days, ransomware attacks to extort money are on the rise.

There’s more and more documented evidence that this is going on,” says Ori Eisen, founder and chief innovation officer of fraud prevention company 41st Parameter. “It’s more prevalent in the United Kingdom, which is sort of a staging or testing ground. It’s starting there and getting more momentum.”

————————————————————————————————————————————————————-

Alertsec is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Cyberattacks remains major concern for healthcare industry

April 19th, 2016

According to the recent survey by Symantec Corporation on healthcare cybersecurity, cyberattacks were the top reason behind healthcare data breaches in 2015. Many healthcare facilities are now focusing more on cybersecurity. Ransomware and phishing scams are on the rise with increased threat to sensitive data.Syrian.hacker

“For the first time in 2015, criminal attacks are the number one cause of data breaches in the health sector,” stated the study. “Why? Because, the cyber-criminals have figured out that health data is deep and valuable, and that healthcare IT infrastructure, from traditional IT systems to connected medical devices, is typically vulnerable and easy to penetrate.”

In last decade the data breaches were mainly due to lost or stolen device but it is changing now. Cyberattacks are growing exponentially and soon it may take over other forms of data breaches.

EHR and other health IT systems mostly get shutdown due to cyberattack strongly affecting hospital routine work. Researchers of Symantec also connected the rise in cyber threats to the increase in innovative medical devices.

“Healthcare is a uniquely difficult environment to secure against cyber threats and often security measures conflict with care delivery,” wrote the authors of the report. “There are a lot of shared devices, many of which are critical to patient care. Routine security measures often don’t work in a clinical context.”

Healthcare industry should implement cybersecurity tools to protect from any such attacks. According to the surveys, healthcare sector suffers most under the hands of cyber criminals as compared to other industry because the it is highly regulated. There are stringent laws in case of healthcare data breach which tempts criminal to extort handsome money.

“Certainly, security technologies are available to protect organizations from these sophisticated attacks across multiple security control points―email, network, and endpoint―but the front line of defense is still the employee who receives the email and may be tempted to click on an infected web link,” stated the report. “Investment in contemporary security technology is important, but always needs to be complemented by training and drills for your workforce.”

Also, healthcare providers should be prepared for all types of attacks.

“Any breach, no matter how small, can provide valuable information to attackers as they accumulate details on healthcare organizations, their staff and patients, and their IT infrastructure,” noted the report.

————————————————————————————————————————————————————-

Alertsec is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Unsecured database and data breach

April 16th, 2016

Einstein Healthcare Network announced possible data breach when one of its databases was left unsecured on its website. Einstein Healthcare Network is a Pennsylvania-based healthcare network. The incident has affected approximately 3,000 individuals.medical-563427_960_720

According to the reports, Einstein Healthcare Network found that one of its website databases was available to unauthorized users. Accessible information included patient information that was entered by individuals on information form on the healthcare network’s webpage.

EHR systems was not connected to the website. Affected information included patient names, telephone numbers, reasons for submitting requests, healthcare provider names, and health information.Social Security numbers, financial information, or EHR information was not present on the database. Individuals who entered Information on the webpage’s form before feb 2016 were affected.

“It’s important to note that in the data we evaluated, hacking or IT incidents only accounted for about one in 10 data breaches,”said study lead author Dr. Vincent Liu, a research scientist with the Kaiser Permanente Division of Research in Oakland.

“While hacking has garnered a lot of recent attention, a more common reason for breaches is simple theft of unsecured paper or electronic records,” he continued. “Nonetheless, the potential for hacking to result in a large number of compromised records tends to be higher than for other sources of data breaches.”

Einstein Healthcare Network has now secured the website database and removed it from public view. Internal investigation is also ordered by Einstein Health.

A call center was created to answer questions related to this incident. Einstein Healthcare Network also mentioned that it is committed to improving security measures on its website. Healthcare believes that they have no knowledge that any patient information has been used improperly. Notification letters are sent to affected individuals.

According to the statement by Einstein, “To help prevent something like this from happening in the future, we have secured the website database and are enhancing our security measures for the website. We deeply regret any concern this may cause our patients.”

The breach was not result of hacking but due to technical error. Albert Einstein Healthcare Network is a system based in Philadelphia. Healthcare operates as Einstein Medical Center in Philadelphia, MossRehab with locations throughout Philadelphia and Montgomery Counties, Einstein Medical Center Elkins Park, and Einstein Medical Center Montgomery in East Norriton. Rehabilitation beds and skilled nursing beds as well as primary care and specialty physician practices are available in it’s facilities.

————————————————————————————————————————————————————-

Alertsec is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Stolen laptop and data breach

April 14th, 2016

Laptop theft can lead to data breach. OptumRx, the pharmacy care branch of a health services and technology company in Minnesota suffered data breach due to the theft incident. An unencrypted laptop was stolen from an employee’s vehicle in Indianapolis, Indiana as per the reports. OptumRx mentioned that laptop belonged to an unnamed vendor who provides home delivery services to patients.HP_Mini_1000

Affected information included names, health plan names,addresses, prescription drug information, and prescribing provider information. For some individuals, dates of birth may have been exposed.

It also confirmed that Social Security numbers, credit cards, and other financial information was not involved.

Company did not specify the number of affected individuals. Also, Office of Civil Rights data breach portal didn’t mention the number of individuals affected by the security incident.

OptumRx has now contacted local authorities and launched an outside investigation. It has also mailed notification letters to potentially affected individuals.

“In addition, we have worked with the vendor to put immediate and additional protections in place to prevent the occurrence of similar incidents in the future,” explained OptumRx’s notification letter. “These measures include additional security requirements on laptops they use for OptumRx work, training and reinforcement of existing policies and practices, and further evaluation of additional safeguards.”

The company is also working with local law enforcement. Vendor is asked to put in place additional levels of protection for its laptops. One free year of identity theft protection services is also offered to individuals. It is supplying each with a one-year subscription to LifeLock.

LifeLock subscription includes following facilities to users:

  • Identity Threat Detection and Alerts:

With this service, LifeLock actively monitors an extensive online network for attempts to use your personal information. Whenever suspicious activity is detected, user will receive an alert via email or phone.

  • Wallet Protection

It also provides services for missing wallet. It has asked users to just call— anytime, anywhere—and LifeLock will help cancel or replace the contents to stop fraudulent activities. Coverage under this scheme includes credit and debit cards, Social Security cards, driver’s licenses, insurance cards, checkbooks and travelers checks.

  • Address & Verification

Impersonating can be done and Identity thieves can redirect your mail, containing financial information and providing a fraudulent new address. LifeLock monitors these such kinds of requests and notifies the user.

  • Black Market Surveillance

Identity thieves also get involved in illegal buy, sell and trade sensitive personal information on black market Internet sites. LifeLock now patrols over 10,000 criminal websites. Any suspicious activity is  notified to the user.

  • Pre-Approved Credit Card Offers

LifeLock works with bank to reduce emailing to affected individuals to avoid identity theft.

  • LifeLock Member Service 24/7/365

Sign in to your secure member portal at LifeLock.com is available all the time.

————————————————————————————————————————————————————-

Alertsec is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Healthcare Data Security and Hackers

April 9th, 2016

In recent times, hackers are looking for innovative ways to infiltrate through covered networks. With digitization of healthcare industry comes challenges to secure patient information. But the change has brought speed, efficiency, and effectiveness to treat patients and prevent diseases. The scenario is also boon for hackers. All the sensitive data is now present on the server which can be hacked.

stethoscope lying on keyboard of a laptop

According to the reports, the healthcare industry was the most targeted sector for cyber attacks in 2015. Cyber

attacks have compromised over 100 million medical records.  Attack on Anthem’s network resulted into 70% of all compromised records.

According to the CEO of Vigitrust, Mathieu Gorge,  “The first thing to consider is the actual value of the patient data, so if you go to a hospital or to your GP, data that is held about you has a lot of value to you and we need to protect the confidentiality and integrity of that.”

The reason behind the cyber attacks on healthcare are on the rise due to following reasons

 Sensitive Personal Information

Electronic Health Records (EHRs) is being used frequently in the healthcare industry. The availability of information lures hackers to get ransom for sensitive information.  Sometime attack lock medical histories, psychological profiles, and family connections to billing data and addresses. Hackers can then demand money to unlock affected information.
Hackers can also indulge in activities like insurance fraud, identity theft, and extorting victims. The most shocking fact of the medical information is that it can be used number of times unlike credit cards which can be blocked immediately.  Also, healthcare data is extremely valuable in the black market.

Taking advantage of Intellectual Property
Considering R& D department of big companies, there is possibility of cyber attack to gain access to intellectual property. Due to competitive market, the price of intellectual property sky rockets in the grey market.

Lack of Awareness
Recent trends show that the healthcare industry is undergoing fast transition towards digitization. IT is migrating health records to digital and using new storage and processing techniques to analyze patient data. But the pace with which data is translated is not reflected into security aspects. One needs to keep security process intact to safeguard data.

Human Resources
There is a lack of security professionals in the healthcare industry. Many who are working in the industry don’t have enough knowledge to handle sophisticated cyber attack.

Innovation in Attack
Below are the few examples where hackers have gone beyond the conventional attack. Example includes – remotely modifying the dosage rates of an insulin pump and manipulation of baby monitors.

To safeguard data, Gorge suggest that, “The first thing to do, if you are an entity that has access to health records, is to make sure you have a data classification policy. This allows you to do an inventory of your data: The structured data, the unstructured data, that you hold yourself, and the data that you might need to access that might be held by another entity.”

————————————————————————————————————————————————————-

Alertsec is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Computer Virus Causes Data Breach

April 7th, 2016

Mercy Iowa City, an acute care hospital and regional referral center, recently suffered data breach  due to computer virus. Mercy Lowa City did not mention the number of affected individuals but the OCR data breach portal mentioned that 15,625 individuals were affected by the incident.15-Most-Dangerous-Computer-Viruses

Mercy Iowa City came to know about computer virus on January 29. It had potentially infected some of its systems three days prior. The hospital now has secured the computer systems to prevent the spread of the virus.

“That’s a small percentage compared with the total number of patients the hospital serves”, said Margaret Reese, interim director of marketing and community relations and president of the Mercy Hospital Foundation. She said she did not know the total number of patients, adding that “it would be a huge number when you consider all of the many services.”

Internal investigation is carried out by forensics firm. Capturing personal data was the main motive of the computer virus. Thus it is believed that data breach has occurred.

Reese said Mercy has been working with federal law enforcement on its investigation. The hospital’s release said current safeguards have been enhanced to protect sensitive data. Reese said she could not comment on what the enhancements were.

According to the reports, unauthorized access to patients records by outside entity has resulted into the incident. which did not affect all Mercy Hospital and Mercy Clinic patients.

According to the statement, “Mercy deeply regrets any inconvenience this may have caused our patients. To help prevent something like this from happening in the future, we have enhanced our existing technical safeguards to protect patient information.”

Affected information included names, dates of birth, addresses, treatments, diagnoses, medication lists, names of health insurers, and health insurance policy numbers. Social Security numbers may also have been accessed for some patients.

“To help prevent something like this from happening in the future, we have enhanced our existing technical safeguards to protect patient information,” stated the press release.

The hospital also created a call center dedicated to answering questions about the data security event. Mercy Iowa City mentioned that there is no evidence patient information misuse.

————————————————————————————————————————————————————-

Alertsec is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Cyber Security Budgets Not In Tune With Rising Threats

April 2nd, 2016

cyber-security-1186530_960_720Businesses are increasing their investment in cyber security but the landscape of threat is changing very rapidly. To remain secured one has to understand the possibility of cyber attacks in advance and make sure data remains safe. Majority of security professionals believes that the budget should be increased.

Institute of Information Security Professionals (IISP) conducted survey to understand the current scenario. Two-thirds of professionals said that security budgets has increased. For 15% of respondents, budgets stayed the same.

“In times of financial pressure or instability, as we have seen in recent years, security is often seen as a supporting function or an overhead,” said IISP director Piers Wilson.

Sixty percent believes that budgets are low considering level of threats. Only seven percent of respondents reported that security budgets were rising faster than the level of threat.

The survey was conducted in participation with more than 2,500 members working in security across a wide range of industries and roles. UK cyber security space can be understood by the survey.

“Security budgets are hard won because they are about protection against future issues, so are a good indication of the state of risk awareness in the wider business community,” he said.

Wilson said that while it is good news that businesses are increasing investment, it is clear that spending on security is still not at a level that matches the changing threat dynamics.

Cyber security skills shortage is another issues which organisations are dealing. Participants mentioned that there is shortfall in the level of skills and experience which makes staff training, development and retention crucial to the future of the industry.

Ten percent of respondents felt that the security industry’s ability to protect data is declining rather than improving while forty nine percent said the opposite.

Survey found that there is awareness of security risks. Also, the impacts of a breach are driving an increase in investment, skills, experience, education and professionalism.

“While there is clearly much more to be done, the results of the survey are encouraging,” said Wilson.

————————————————————————————————————————————————————-

Alertsec is used by organizations that have recognized the need to protect their information. Customers range from single user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec’s Check Point Full Disk Encryption.

Security Survey Conducted by SailPoint Market Pulse

March 31st, 2016

SailPoint Market Pulse conducted survey which showed interesting results. According to the result, 20 percent of respondents said they would sell their passwords to a third party. Twenty percent of U.S. respondents said they would do so. Forty Four percent would do so for less than $1,000. The survey was conducted on 1,000 employees at organizations with at least 1,000 employees.padlock-147915_960_720

Participants were located in U.S., the U.K., Germany, France, the Netherlands and Australia.

“One would think that as more breaches touched more people individually, they would be more vigilant about security processes,” the report states. “But, in a stark contrast, it seems that while they expect their personal information’s safety, when functioning as employees, these same users are practicing security incredibly ineffectively, leaving themselves and their employers exposed.”

Other highlights of survey includes –

  • One third of participants admitted having purchased a SaaS application without IT’s knowledge
  • Twenty six percent admitted having uploaded sensitive information to cloud apps with the specific intent of sharing that data outside the company
  • Forty percent of respondents said they were still able to access a variety of corporate accounts after leaving their last job
  • One third of respondents said they have been impacted on a personal level by recent data breaches
  • Eighty five percent said they would react negatively if their personal information was breached at a company with whom they do business
  • Eighty-four percent of respondents are concerned that incredibly sensitive information about them is being shared
  • Thirty two percent of respondents admitted sharing passwords with their co-workers, and 65 percent admitted using a single password between applications.

————————————————————————————————————————————————————-

Alertsec is used by organizations that have recognized the need to protect their information. Over 4 million users worldwide use Alertsec’s Check Point Full Disk Encryption.

Computer glitch and Data Breach

March 26th, 2016

Laborers’ Health & Welfare Trust Fund for Northern California discovered that a computer glitch caused certain consumer health information to be processed incorrectly. The incident affected the processing of IRS Form 1095-B which included some patient health data in California.

According to the reports, some personal health information of workers were sent to other plan hqdefaultparticipants and beneficiaries. Affected information included beneficiary names and names of dependents, Social Security numbers, and health plan coverage information. According to a press release, the Fund Office has notified potentially affected individuals personally, and will provide free credit monitoring to them.

The Fund Office mentioned that it will be taking steps to strengthen training processes and tighten security measures.

According to the press release –
The Fund Office has notified participants and provided credit monitoring services to all those participants and beneficiaries affected.The Fund Office has also instituted stronger security measures to guard against future mishaps.

According to the Wikipedia –
A computer glitch is the failure of a system, usually containing a computing device, to complete its functions or to perform them properly.In public declarations, glitch is used to suggest a minor fault which will soon be rectified and is therefore used as a euphemism for a bug, which is a factual statement that a programming fault is to blame for a system failure.

————————————————————————————————————————————————————-

Alertsec is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.