Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label stolen information. Show all posts

Innovative Legal Move Restores Hospital's Stolen Information

 


There has been a handover of patient data stolen by the notorious LockBit gang from a cloud computing company to a New York hospital alliance that is partnered with that company. There was a lawsuit filed by the North Star Health Alliance - a group of hospitals - in November in the hopes of forcing LockBit to return the patient data cybercriminals had stolen from the hospitals and kept on the Massachusetts vendor's servers. 

The lawsuit was filed by North Star Health Alliance in November as a legal manoeuvre to force LockBit to return the patient data. There has been a lawsuit filed against unknown members of the LockBit group by a healthcare alliance of two hospitals and an orthopaedic group in upstate New York. 

However, the suit is a legal move designed to make a Massachusetts-based cloud services vendor turn over patient data stolen from hospitals and allegedly stored on the cloud service vendor's servers to force the gang to hand over the data. It is said by David Hoffman, general counsel of Claxton-Hepburn Medical Center, which recently filed a lawsuit against ransomware gang LockBit, that the ubiquity and anonymity of cryptocurrencies are driving economic, legal, and ethical challenges that place healthcare organizations at risk from cybercriminals. 

Despite their claims, the lawsuit asserts that the defendants "conspired to commit complex cybercrime and move stolen goods around the world." The lawsuit claims that the defendants' identities "are unknown at the moment, as they have perpetrated the subject scheme in secrecy and by using the internet." 

As part of the legal action against the hackers, the hospital group was able to serve a subpoena upon Boston-based cloud-based storage company Wasabi Technologies for the delivery of the data LockBit claimed to have stolen last summer from the hospital group. The cybercriminals allegedly stored the data on Wasabi's servers, according to court documents, which were then turned over to LockBit. 

There is an injunction sought by North Star Health Alliance to prevent the use, transfer or duplication of the exfiltrated data. According to the complaint, all copies of the stolen data must be destroyed after they have been returned to the hospital group, as well as all other copies being destroyed. 

It is reported by the hospitals that they needed access to the data to be able to identify individuals whose information could potentially be compromised as a result of the breach. It was announced recently that Wasabi Technologies turned over data stolen from LockBit and stored on its servers to North Star Health Alliance, which was a member of the North Star Health Alliance that has been affected by the August attack, said David Hoffman, general counsel for Claxton-Hepburn Medical Center. 

ISMG was notified by Wasabi that the firm is committed to ensuring that all regulatory requests related to the company are answered as soon as possible. The policy of the firm is to refrain from commenting on ongoing legal matters. 

According to the lawsuit, around August 30, when a hacker gained access to Wasabi's cloud server owned and operated by the hospital group, the data was stolen from the hospital group's IT infrastructure and transferred to a server owned and operated by Wasabi. A data breach occurred. 

As per a statement posted on Carthage Area Hospital's Facebook page on Sept. 6, North Star Health Alliance members have been required to reschedule a variety of outpatient appointments as a result of a cybersecurity incident that they were dealing with. 

There is a requirement in the finance sector to prove that companies understand their customers. This applies to regulations - such as those regarding cryptocurrency exchanges - he explained. The cloud providers should be obligated to meet these types of requirements to prevent the storage of stolen information, the operation of hostile scanners and the distribution of malware out of domestic data centres, or other types of information security threats, etc., in the cloud.

In addition to raising potential legal concerns for technology vendors seeking a way to avoid getting unknowingly entangled in cybercrime committed by their clients, Dave Bailey, vice president at privacy and security consultancy Clearwater, believes the North Star Health Alliance case also raises illegal concerns, which could cause vendors legal problems. 

To provide care and perform vital mission-critical functions, healthcare organizations are increasingly depending on online platforms for the collection and use of personal data. It should be noted however, that cybercriminals will continue to exploit gaps in the security of governments to steal personal information and profit from it.

In the end, this can have adverse effects on the organization's business operations, resulting in poor health services and ultimately a decline in performance. Healthcare providers and facilities should demonstrate prompt responsiveness to minimize potential damages swiftly. 

Additionally, it is imperative to establish comprehensive, integrated preventative measures to safeguard data and uphold continuous business operations. Healthcare organizations stand to gain considerable advantages from the implementation of multi-layered detection and recovery systems.

These systems aid in the identification and prevention of vulnerabilities and malware, mitigating the risk of exploitation and transmission to various data endpoints, including corporate networks, medical devices, company mobiles, and others. 

In the event of security incidents, such as data breaches, healthcare organizations must possess the capability to assess their impact accurately. Furthermore, they are obligated to promptly notify law enforcement and the relevant authorities. Simultaneously, it is essential to enact a well-defined action plan to address the needs of affected patients and individuals, ensuring a comprehensive and effective response to security breaches.

Travel HACK: Why you Should not Share Photos of Your Boarding Pass Online

You are done packing the bags, you put on your airport look and now you are all set to board the flight to your dream vacation. You might as well want to post a picture of the trip, or share a picture of your boarding pass. But wait, doing this recklessly may cost you your privacy.

While boarding passes do not include some outright personal information like an address or a phone number, they do involve certain codes that would work well for a crime actor to find information about you

The documents may appear to be nothing more than travel keepsakes outside of their primary use at the airport, but they are much more informative than many travellers realise. According to Amir Tarighat, CEO of cybersecurity company Agency, "people often think, like, 'Just this information isn't enough to compromise (me)' but that's not how the attackers view that information." Boarding passes possess information like the flyer’s legal name, your ticket number, and passenger name record (PNR), a six-digit alphanumeric code specific to their reservation.

Meanwhile, Amir Sachs, founder and CEO of cybersecurity and IT company Blue Light IT said, “Using the PNR and your last name, a hacker can have full access to your booking information, which will give them access to your phone number, email address, and emergency contact information.” Getting a hand to an individual’s PNR also lead to a passenger’s frequent flier number, Known Traveller Number (associated with Global Entry and TSA Pre-Check), and redress number (associated with the Department of Homeland Security’s TRIP program).

With all the aforementioned information, one can easily change a passenger’s booking. In fact, all you need to change or cancel flights online is your name and PNR; a password is not required. Additionally, someone may simply steal a hard-earned frequent flier miles if they gain access to their frequent flier account, which does require a password. Moreover, much worse issues await if a hacker gets hold of a victim’s details through their boarding pass.

Josh Amishav, founder and CEO of data breach monitoring company Breachsense explains, “Your frequent flier number, name, and PNR are valuable for identity theft, enabling fraud like opening credit card accounts or making unauthorised purchases[…]Hackers can employ social engineering techniques, pretending to be airline representatives to trick you into revealing more personal data. They can also create targeted phishing attempts using your boarding pass info, leading to clicking on malicious links or sharing sensitive data.”

While these risks do not stop at posting your boarding pass online, you might as well want to skip the entire printed boarding pass to reduce the risk of data being compromised from a discarded or lost slip. Researcher and senior technical director for cyber safety brand Norton explains, “Consider using a mobile boarding pass to ensure no physical copies will be left behind in your plane seat pocket, boarding area, or somewhere else where scammers can easily grab it.” One may consider that travel apps too could be hacked, so compromising digital boarding pass is not something entirely safe either.

Even though one may get quite lucky to avoid any such issue, posting a photo of your boarding pass online is not worth the risk. Thus, being mindful in taking cautionary measure could save you from any trouble. If you are adamant on posting a picture of your boarding pass online, you can use photo-editing software to hide away that information, or you can skillfully stage your photo so that none of the identifying details are visible, which will also include the barcode.

“Hackers can use barcode scanners to steal information from boarding passes shared online or left behind in airplanes and airports[…]Depending on the airline, a barcode scanner can unveil a flier’s airline account number, associated email and phone number, and your flight’s confirmation code — information that could all be used to make a phishing attack look more realistic,” explains Roundy.

It is also advised to post your travel photos on a delay— ones you are back from your travel, as Sachs says, “Keep your info safe and save the travel bragging for when you’re safely back home!”