Massive Breach: 3m Healthcare Records Compromised

Uploaded on 2018-01-22 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Health & Welfare

Hackers have reportedly breached the systems of Norway's Health South East RHF regional administration, with nearly three million patients' data potentially compromised as a result.

The breach was announced by the authority, after it had been notified by HelseCERT, the Norwegian healthcare sector's national information security centre, that there had been abnormal activity against computer systems in the region.
HelseCert said that data theft had taken place and that the hackers were ‘advanced' and ‘professional'.

"We are in a phase where we try to get an overview. It's far too early to say how big the attack is. We are working to acquire knowledge of all aspects, " Kjetil Nilsen, director of NorCERT, the National Security Authority (NSM), which is also helping with the investigation, told Norwegian publication VG. "Everything indicates that it is an advanced player who has the tools and ability to perform such an attack. It can be advanced criminals. There is a wide range of possibilities," he added.

Meanwhile the CEO of Health South East RHF, Cathrine M. Lofthus said that the situation was "very serious" and that measures had been taken to limit the damage caused by the hack.

She said that the potential data theft has not had any impact on patient care or patient safety, as yet, and added that staff within the health sector and government were working to resolve the situation. The police have been notified, but as yet there are more questions than answers.

Nilsen said that the data could have been hacked to use for cyber espionage, or perhaps it is likely to be used by someone who provides services based on healthcare information.

However, as the health records would also include people who work in government, secret services, military and intelligence staff, politicians and other public individuals, there are some that believe the data could be used for other purposes.
Nyvoll Nygaard, an adviser with the Norwegian Police Security Service, said that it's possible that someone working for a foreign state intended to collect information that may harm fundamental national interests relating to the area's infrastructure.

Computing

You Might Also Read: 

Healthcare Suffers Most Cyber Security Incidents:

Essentials: A Cybersecurity Strategy For Healthcare:

« The Big Online Advertising Swindle
Twitter Reveals True Extent Of Russian US Election Posts »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Huawei

Huawei

Huawei is a leading global ICT solutions provider. with end-to-end capabilities across the carrier networks, enterprise, consumer, and cloud computing fields.

SealPath

SealPath

SealPath enables companies to protect and control their documents wherever they are: In their PC, in their corporate network, on a partner’s network, in the cloud.

Exodus Intelligence

Exodus Intelligence

Exodus Intelligence are an industry leading provider of exclusive zero-day vulnerability intelligence, exploits, defensive guidance, and vulnerability research trends.

WatchGuard

WatchGuard

WatchGuard is a leader in network security, secure Wi-Fi, and network intelligence products and services for SMBs and Enterprises worldwide.

ManagedMethods

ManagedMethods

ManageMethods Cloud Access Monitor is the only Cloud Access Security Broker (CASB) that can be deployed in minutes, with no special training, and with no impact on users or networks.

ICS2

ICS2

ICS² is the first cyber security company focusing on protecting the control system of power, oil, gas, and petrochemicals plants.

TechGuard Security

TechGuard Security

TechGuard Security was founded to address national cyber defense initiatives and US critical infrastructure security.

Online Business Systems

Online Business Systems

Online Business Systems is an information technology and business consultancy. We design improved business processes enabled with robust and secure information systems.

Cyber Police of Ukraine

Cyber Police of Ukraine

Cyber Police of Ukraine is a law enforcement agency within the the Ministry of Internal Affairs of Ukraine dedicated to combating cyber crime.

H3Secure

H3Secure

H3 Secure focuses on Secure Data Erasure Solutions, Mobile Device Diagnostics and Information Technology Security Consulting.

Fortified Health Security

Fortified Health Security

Fortified’s team of cybersecurity specialists is dedicated to helping healthcare providers, payers and business associates protect their patient data across the Fortified Healthcare Ecosystem.

Digital Element

Digital Element

Digital Element is a global IP geolocation and intelligence leader with unrivaled expertise in leveraging IP address insights to deliver new value to companies.

Tonex

Tonex

Tonex providing industry-leading technology training, courses, seminars, workshops, and consulting services to companies and government organizations around the world.

e-Xpert Solutions

e-Xpert Solutions

e-Xpert Solutions is a company specialized in the Information Security field since 2001. Our skills are strong technical expertise and the development of tailor-made solutions.

Hetz Ventures

Hetz Ventures

Hetz Ventures is a global-facing VC investing in highly talented and ambitious Israeli founders who operate at the cutting edge of deep technology.

Concertium

Concertium

Concertium is a complete cybersecurity partner equipped with the expertise and services to deliver end-to-end visibility and protection from evolving cyber threats.