Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label WakeMed. Show all posts

CentraState: Potential Cyberattack at CentraState Prompts Hospital to Divert Ambulances


The CentraState Medical Center's cybersecurity issue has caused the hospital to divert ambulances and the majority of new patients to other institutions. 

The Medical Center’s spokesperson, Lori Palmer says that the hospital’s critical care has not been affected and they are still taking some walk-in patients. "We are still accepting patients if people walk into the (Emergency Department). We have patients currently here, many of whom are currently being taken care of," she told. 

In addition, Friday's outpatient services were scheduled to be suspended at 1 p.m. and stay that way until further notice. 

While the cybersecurity issue was detected early Friday, the hospital is currently attempting to identify the extent and origin of the situation. Palmer adds that the hospital has immediately informed about the issue and alerted the state Department of Health and Senior Services. 

It is yet not clear whether the investigation involves the New Office of Homeland Security, which deals with cyberattack cases. 

Late November saw the release of an alert from the New Jersey office and its cybersecurity unit, the New Jersey Cybersecurity and Communications Integration Cell, warning the public to be on the lookout for any indications of cyber threats targeting individuals, organizations, and businesses throughout the state during the upcoming holiday season. 

Moreover, the alert level of the office is currently at “blue” or “guarded,” i.e. a general risk related to hacking or malicious activities, although no "known exploits have been identified or known exploits have been identified but no significant impact has occurred."

CentraState's cybersecurity issue comes weeks after many other hospitals reported a security breach, that later made news headlines. Some of the recent cases are listed below: 

  • Medibank Data Breach: In November, last year, Medibank hospital announced that it has faced a data breach, in which the attacker apparently accessed data involving patients’ names, date of birth, addresses, phone numbers, and email addresses. 
  • WakeMed Data Breach: Later, WakeMed and Duke Hospital of North Carolina reported that the personal and protected medical data of thousands of local patients may have been exposed to Facebook, by tracking pixel.

How Tracking Pixels are Collecting Personal Data, 5 On Your Side Reveals


Have you been Christmas shopping on the internet, and later have advertisement of similar items following you all across your online pathway for days? 

This is no coincidence, for you are being tracked and it is not a virus or malware doing so, but the companies and applications deceiving you. 

In a recent report, the personal and protected medical data of thousands of local patients may have been exposed to Facebook, by tracking pixel. 5 On Your Side unveils the details of this pixel and what else are they set to expose of the victims. 

Alex Ondrick is one of the WakeMed patients who received a letter from the hospital this October. The letter apparently mentioned that some of his medical information may have been exposed on Facebook.

"Interestingly, my mother also got the letter, my step-dad got the letter, several of my friends also got the letter," Ondrick said. 

According to news outlet, the Markup, WakeMed and Duke University Hospital were found to be employing the Meta Pixel, a tracker, on their websites. While we are referring to a pixel, like the millions of pixels that make up an image on your television or computer screen. 

"Those pixels can also be used to house code, to house information […] In this particular case, it’s a very unique piece of code that takes information regarding whoever is using that website at the time, and sends that back to the web server of whoever is implementing that. In the case at hand, it’s Meta or Facebook," says Former CIA Cyber Threat Analyst Clark Walton. 

Walton further tells 5 On Your Side that the code can gather detailed information about your browsing habits, user preferences and what you click on. The owner of the pixel, such as Meta, gets that raw data. The information is then reduced to marketing data and forwarded to the website's owner. 

"The technology is not specific to Meta, certainly could be anybody," Walton said. 

The pixels present on the websites are of varying kinds and utilized by organizations of all sizes. They are invisible and unlike “cookies,” you could not block these pixels. 

"There’s not necessarily, to my knowledge, a way to opt out of if you go to a private website that’s using that pixel technology," Walton added. 

While neither agreed, 5 On Your Side contacted both Duke Health and WakeMed to interview in regards to the subject matter. 

Duke Health officials sent a statement stating, “Duke University Health System values the privacy of its patients’ medical information. DUHS has investigated the use of the Meta Pixel on our website and patient portal and has determined that DUHS did not transmit its patients’ protected health information to Meta. We continue, however, to study the issue and may share additional information if and when appropriate given pending litigation and ongoing external investigations into these matters.” 

WakeMed, on the other hand said that they directly communicated the information with individuals who might have been affected and dedicated a phone line and email address to handle any further inquiries or concerns.