2 hospital data breaches on Monday exposed patient data
Two prominent hospitals were the victims of data breaching hackers in the last few days with each hospital having over 40,000 patients’ personal information at risk. On Monday, Phetchabun Hospital had the personal data of 46,000 of their patients compromised while Bhumirajanagarindra Kidney Institute Hospital had the data from 40,000 patients stolen in parallel attacks.
The Cyber Crime Investigation Bureau uncovered what they believe to be the source of the Petchabun Hospital hack in a preliminary investigation, tracing the data breach through a server in Singapore to a group of Indian hackers. The hackers demanded a ransom and posted the list on Raidforums.com, a website for sharing and selling hacked databases.
The CCIB said they believed that the data was accessed through clickbait, a malicious link that tricked a hospital worker into clicking and allowing access. They also commented that it could have just been a weak password.
Meanwhile, at Bhumirajanagarindra Kidney Institute Hospital, hospital staff were unable to access their patient database around 5 am on Monday. Upon further investigation they discovered that the data, which included personal information and treatment histories, had been stolen.
The hospital director said that they received a call in English later Monday from a man who claimed to be the hacker and who said he would call back the next day to arrange a ransom payment. After the director send a recording of the conversation to Phaya Thai police, he never heard from the man again.
They believe the breach was when they gave access to a trusted software company to perform system upgrades remotely, but they don’t suspect the company or wrongdoing, though police intend to investigate. The hospital lost some data and expect a service delay but they did have a backup system that was able to be recovered.
Authorities postulate that these hacks may be connected to other recent high profile hacks of another hospital in the Northeast and of Krungthai Bank, though they made no mention of the Bangkok Airways data breach last week.
SOURCE: Bangkok Post, 2