Connect with us

Hi, what are you looking for?

Tech & Science

U.S. health body announces data breach, but those concerned can wait 2 months

This cyberattack could disclose sensitive medical diagnosis or images if payments are not made.

UC San Diego Health is the academic health system of the University of California, San Diego in San Diego, California. Image by Coolcaesar
UC San Diego Health is the academic health system of the University of California, San Diego in San Diego, California. Image by Coolcaesar

UC San Diego Health has disclosed a data breach after the compromise of some employees’ email accounts. The attackers may have accessed the personal information of patients, employees, and students. This includes laboratory results, medical diagnosis records, and prescription and treatment information.

The data  breach occurred between December 2, 2020, and April 8, 2021, after email accounts were compromised in a phishing attack, NBC 7 reports.

As to whether a specific person has been impacted, concerned individuals may have to wait a while. The San Diego Union Tribune notes that UC San Diego Health plans to begin contacting impacted individuals after a forensic investigation is complete, likely by the end of September 2021. This seems a long time for the people potentially impacted.

This represents another cybersecurity incident that has inflicted the digitally-battered health sector in the U.S.

Looking into the technicalities of the incident is James Carder, CSO of LogRhythm.

Carder tells Digital Journal: “As we have witnessed throughout 2021, threat actors continue to exploit unsuspecting individuals to gain sensitive information. Medical records continue to be the highest value record being stolen due to how financially lucrative the personally identifiable information (PII) and protected health information (PHI) , which cannot be changed or updated like you can with a credit card number, is for attackers.”

To add to the bombardment of healthcare for valuable medical information comes another institution that has been afflicted. Carder touches on the specifics, noting: “Here UC San Diego patients whose information was accessed are now vulnerable to a number of attacks due to their sensitive PII and PHI data being breached, including various methods of credit, insurance, and payment fraud.”

Even worse, Carder predicts: “They could also face extortion-based attacks threatening to disclose sensitive medical diagnosis or images if payments are not made. Additionally, it is conceivable that the medical state, diagnosis or prescription information for high profile patients could be of interest to nation states, terrorist groups, or other threat actors looking to do physical harm.”

Repairing the problem and going forward is something all institutions need to face post-cyberattack. Carder recommends for UC San Diego Health that the health body “Needs to review their complete threat landscape and model the threat actors that would be interested in or targeting that landscape. They need to fully understand what has been exposed to the internet and what systems or infrastructure allows access, especially to sensitive information, with just a username and password.”

In addition: “Moving forward, UC San Diego should also ensure they have multi-factor authentication in place, as it is a must have in today’s day and age and could prevent future breaches caused by compromised credentials.”

But what about other preventative measures, and what should other organizations be considering? Carder adds: “To help prevent incidents like this moving forward, security awareness programs are essential — especially programs that focus specifically on phishing awareness.”

Culture is also important, such as: “Ensuring employees are comfortable with analyzing subject lines, sender addresses, etc. allows them to be a more active part of the security defense.”

The other important consideration is timeliness, says Carder: “No matter where an organization stores their data, real-time monitoring and clear visibility are crucial for rapidly detecting and neutralizing security threats. Given the current evolving threat landscape and increased focus on healthcare by cybercriminals, companies must leverage authentication and access controls, and response capabilities, to ensure private documents will be safeguarded and patients remain protected.”

Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

World

Covid-19 is officially the most deadly outbreak in recent American history.

Life

The Associated Press called his presence before the international body a provocation of sorts.

Life

The U.S. Space Force, the newest branch of the US military, unveiled a new uniform prototype for its members, known as Guardians.

World

We’re not talking about theoretical money here. The impact will be felt in hard cash, worldwide, if Evergrande collapses.