Massive Breach: 3m Healthcare Records Compromised

Hackers have reportedly breached the systems of Norway's Health South East RHF regional administration, with nearly three million patients' data potentially compromised as a result.

The breach was announced by the authority, after it had been notified by HelseCERT, the Norwegian healthcare sector's national information security centre, that there had been abnormal activity against computer systems in the region.
HelseCert said that data theft had taken place and that the hackers were ‘advanced' and ‘professional'.

"We are in a phase where we try to get an overview. It's far too early to say how big the attack is. We are working to acquire knowledge of all aspects, " Kjetil Nilsen, director of NorCERT, the National Security Authority (NSM), which is also helping with the investigation, told Norwegian publication VG. "Everything indicates that it is an advanced player who has the tools and ability to perform such an attack. It can be advanced criminals. There is a wide range of possibilities," he added.

Meanwhile the CEO of Health South East RHF, Cathrine M. Lofthus said that the situation was "very serious" and that measures had been taken to limit the damage caused by the hack.

She said that the potential data theft has not had any impact on patient care or patient safety, as yet, and added that staff within the health sector and government were working to resolve the situation. The police have been notified, but as yet there are more questions than answers.

Nilsen said that the data could have been hacked to use for cyber espionage, or perhaps it is likely to be used by someone who provides services based on healthcare information.

However, as the health records would also include people who work in government, secret services, military and intelligence staff, politicians and other public individuals, there are some that believe the data could be used for other purposes.
Nyvoll Nygaard, an adviser with the Norwegian Police Security Service, said that it's possible that someone working for a foreign state intended to collect information that may harm fundamental national interests relating to the area's infrastructure.

Computing

You Might Also Read: 

Healthcare Suffers Most Cyber Security Incidents:

Essentials: A Cybersecurity Strategy For Healthcare:

« The Big Online Advertising Swindle
Twitter Reveals True Extent Of Russian US Election Posts »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Software Factory

Software Factory

Software Factory develops custom-built high-performance software solutions and products for applications including industrial cyber security.

Oxford BioChronometrics

Oxford BioChronometrics

By building profiles based on electronically Defined Natural Attributes, or e-DNA, Oxford BioChronometrics protects digital networks, communities, individuals and other online assets from fraud.

Wind River

Wind River

Wind River delivers the technology and expertise that enables the deployment of safe, secure, and reliable intelligent connected systems.

Invensis Learning

Invensis Learning

Invensis Learning is a professional training and certification company providing IT Service Management, IT Security & Governance, DevOps, Cloud Computing and Digital Awareness training.

NAVEX Global

NAVEX Global

NAVEX Global’s compliance management system consolidates your entire GRC program onto a scalable cloud-based platform.

XM Cyber

XM Cyber

XM Cyber is a leading hybrid cloud security company that’s changing the way innovative organizations approach cyber risk.

Cyscale

Cyscale

Cyscale is a consultancy and development agency helping Enterprises adopt and migrate to the Cloud by providing an Automated Cloud Security Platform.

Identifi Global Recruitment

Identifi Global Recruitment

Identifi Global is one of the UK's leading Cyber Security & IT Recruitment specialists.

OCM Business Systems

OCM Business Systems

OCM are experts in the safe, secure and responsible disposal of IT & EPoS assets.

972VC

972VC

972VC was created to help entrepreneurs find potential funding for their startups. Your guide to the Israeli startup funding ecosystem.

Safe Systems

Safe Systems

Safe Systems provide compliance centric IT services for community banks and credit unions, ensuring that they are kept up to date on current technologies, security risks, and regulatory changes.

FREE eBook: Practical Guide To Optimizing Your Cloud Deployments

FREE eBook: Practical Guide To Optimizing Your Cloud Deployments

AWS Marketplace eBook: Optimizing your cloud deployments to accelerate cloud activities, reduce costs, and improve customer experience.

The IoT Academy

The IoT Academy

The IoT Academy is a reputed Ed-Tech Institute that provides training in emerging technologies such as embedded systems, the Internet of Things (IoT), Data Science and many more.

Anametric

Anametric

Anametric is developing new technologies and devices for chip scale quantum photonics, with a focus on cybersecurity.

Paragon Cyber Solutions

Paragon Cyber Solutions

Paragon Cyber Solutions provides specialized security risk management and IT solutions to protect the integrity of your business operations.

Simbian

Simbian

Simbian, with its hardened TrustedLLM system, is the first to accelerate security by empowering every member of a security team from the C-Suite to frontline practitioners.