Nursing home records available to crooks online

Featured eBooks
CDM
Read Now

Future-Ready Workforce

Read Now

Health Tech

Read Now
Insights & Reports
Redefining Mission Security
Presented By Babel Street
Download Now
Defending government cloud against advancing threats
Presented By CrowdStrike
Download Now

By

Healthcare and Public Health // New York, United States

On a public website, researchers saw documents that easily could allow bad guys to obtain electronic patient data and payment information from healthcare providers.

The documents explained “the type of equipment used in computer networks, the Internet addresses for computers and other devices, and the passwords to network firewalls run by healthcare providers such as nursing homes, doctors' offices and hospitals,” The Wall Street Journal reports.

The data collected using these details could be used to sell credit card information and medical information for committing insurance fraud.

The website at issue -- 4shared.com -- turned up information from three nursing homes: the Bronx Center for Rehabilitation & Healthcare in New York; the Glengariff Healthcare Center in Glen Cove, N.Y.; and the Campbell Hall Rehabilitation Center in Campbell Hall, N.Y.

 4shared.com is one of several sites where hackers go to dump data.

“Glengariff said it hadn't realized that its information was online until the center was contacted by the Journal,” the Journal reports.

The documents, which contained network passwords, were from 2007, when the facility initially installed SigmaCare medical-records software and the passwords had been changed immediately after installation so there is no longer any risk, according to Glengariff.

“Bronx Center said it learned of the security breach in early 2012 and switched security providers,” according to the Journal.

The Campbell Hall Rehabilitation Center didn't respond to requests for comment.

A document available purporting to be from Campbell Hall included the brand of firewall, the networking switch, the Internet addresses of wireless access points for 11 rooms, precise blueprints of the facility, the locations of PCs and printers, and the encryption keys, usernames and passwords granting access to the network.

Security specialists suspect the documents for the three nursing homes likely were posted to 4shared.com by people who gained access to SigmaCare software.

ThreatWatch is a regularly updated catalog of data breaches successfully striking every sector of the globe, as reported by journalists, researchers and the victims themselves.

Original Report:
online.wsj.com/news/articles/SB10001424052702304899704579389171658671940

NEXT STORY: Hackers crack into user data on Kickstarter