At a glance.
- Survey shows customers value security.
- Security issue at US healthcare provider disrupts services.
- Capital One data breach hacker sentenced.
- Election software CEO arrested for alleged data theft.
Survey shows customers value security.
Fraud prevention firm IDology has released its Fifth Annual Consumer Digital Identity Study, and the results indicate that 60% of consumers don't feel companies provide enough protection for their data, PR Newswire reports. Christina Luttrell, CEO of IDology parent company GBG, states, "Consumers expect secure, easy and trustworthy interactions and aren't afraid to walk away from anything less. Today more than ever, businesses must build trust early, beginning with account opening and onboarding." Fifty-six percent of respondents expect fraud attempts to rise, a 38% increase over last year, and 19% said a fraudulent account had been opened in their name in the last eighteen months. When opening a new online account, 68% of respondents say security matters most to them, while 32% prioritize convenience and ease. Over three-quarters said knowing a company uses advanced identity verification could make them more likely to use that company's services.
Security issue at US healthcare provider disrupts services.
CommonSpirit Health, the second-largest nonprofit hospital chain in the US, experienced an “IT security issue” that forced several of its facilities to take their electronic health records systems offline, MedCity News reports. A statement from CommonSpirit reads, “Our facilities are following existing protocols for system outages and taking steps to minimize the disruption. We take our responsibility to ensure the security of our IT systems very seriously. As a result of this issue, we have rescheduled some patient appointments. Patients will be contacted directly by their provider and/or care facility if their appointment is impacted.”
Several patients have reported issues accessing their MyChart accounts, and a spokesperson at Epic Systems, the company behind MyChart, says CommonSpirit is the only customer experiencing these problems. The health system operates one hundred forty hospitals and over one thousand care sites across twenty-one states, and so far outages have been reported at several locations including Lakeside Hospital, Creighton University Medical Center-Bergan Mercy, Immanuel Medical Center, St. Michael Medical Center, and St. Anthony Hospital in Gig Harbor.
The Des Moines Register reports that MercyOne Des Moines Medical Center, a hospital in CommonSpirit’s network, has shut down some of its information technology systems “as a precautionary step,” and ambulances were diverted from the hospital's emergency department to other medical facilities. The Omaha field office of the Federal Bureau of Investigation declined to comment, stating "as a matter of policy, the FBI does not confirm or deny the existence of investigations." Though CommonSpirit has not disclosed the nature or cause of the issue, the Record by Recorded Future says cybersecurity experts such as Kevin Beaumont believe it could be a ransomware attack. “That one is ransomware for sure, seen the IR chatter,” Beaumont posted on Twitter.
Rebecca Moody, head of data research at Comparitech, puts the incident in the context of trending attacks on healthcare organizations:
“Ransomware attacks on healthcare organizations remain a critical concern, with Comparitech's US ransomware tracker showing 42 publicly confirmed attacks on these entities in the US so far this year. While these figures are lower than 2021's (where we saw 108 in total), our recent research (published this week) finds that the average length of downtime from ransomware attacks on US healthcare organizations has increased dramatically in 2022. Based on the details that have been published, healthcare organizations are suffering an average of 23.45 days in downtime from ransomware attacks this year. This is up from 5.78 days in 2021. Recent examples include Oklahoma City Indian Clinic which still hadn’t recovered from its attack after two months and Taylor Regional Hospital which suffered a 10-week outage.
"Any downtime within businesses can have a devastating impact, but within healthcare organizations the consequences can be even more severe. Equally, if CommonSpirit's security incident is confirmed as a ransomware attack, it isn't just the knock-on effect of downtime that will be of concern but the potential breach of patient data. To date, nearly 5 million patient records have been impacted by US healthcare ransomware attacks in 2022."
Erfan Shadabi, cybersecurity expert with data security specialists comforte AG concurs that the data healthcare organizations hold and process are extraordinarily attractive to criminals:
“Every medical and healthcare facility at this point should know that they are one of the prime targets of cyber-attacks. They collect, process, and house some of the most sensitive data about a person, including PII and PHI (and even payment information). Threat actors can use this information for a variety of purposes. Each and every medical and health organization needs to believe firmly that they are currently or soon will be under sustained attack and should therefore plan accordingly to mitigate the fallout in case their most sensitive data becomes exposed.
"The bare minimum of data security includes fortifying the perimeters around PII or PHI data. However, more effective data protection methods are readily available, including data-centric technologies such as tokenization and format-preserving encryption. These measures guard the data itself. This data-centric protection travels with the data, so even if hackers circumvent perimeter security, any sensitive data they access will be worthless, thereby averting the worst repercussions of a breach.”
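To make the "data-centric" point concrete, the following is an added illustration of vault-style, format-preserving tokenization, written for this page; it is not code from comforte AG, CommonSpirit, or any product the article mentions. The field names (`mrn`, `ssn`, `dob`), the sample patient rows, and the in-memory `TokenVault` are all assumptions made for the demo. The application table keeps only tokens that fit the original column formats; the plaintext lives solely in the vault, so a dump of the application table yields no PHI.

```python
"""Vault-style, format-preserving tokenization of PHI fields (added example).

Not code from comforte AG or any product; the vault, field names and sample
records below are assumptions made for this illustration.
"""
import secrets
import string
from typing import Dict, Iterable, List, Set

SENSITIVE_FIELDS = ("mrn", "ssn", "dob")  # assumed PHI/PII columns

# Constructed sample rows; not real patients.
SAMPLE_RECORDS: List[Dict[str, str]] = [
    {"mrn": "MRN-00421", "ssn": "123-45-6789", "dob": "1984-07-02", "dx": "J45.20"},
    {"mrn": "MRN-00422", "ssn": "987-65-4321", "dob": "1970-11-30", "dx": "E11.9"},
]


def _random_token(value: str) -> str:
    """Token with the same length and per-character class as value.

    Digits become random digits, letters random letters of the same case, and
    separators such as '-' are kept, so the token still fits the column format
    (NNN-NN-NNNN for a US-style SSN). Only character classes are preserved: a
    tokenized date need not be a valid calendar date. True FPE (e.g. NIST FF1)
    would additionally keep the value inside its domain.
    """
    if not any(c.isalnum() for c in value):
        raise ValueError("nothing to tokenize in %r" % value)
    out = []
    for ch in value:
        if ch.isdigit():
            out.append(secrets.choice(string.digits))
        elif ch.isupper():
            out.append(secrets.choice(string.ascii_uppercase))
        elif ch.islower():
            out.append(secrets.choice(string.ascii_lowercase))
        else:
            out.append(ch)
    return "".join(out)


class TokenVault:
    """Holds the only copy of the token <-> plaintext mapping.

    In a deployment this sits in a separately secured service with its own
    access control and audit log; the application database stores tokens only.
    """

    def __init__(self) -> None:
        self._token_to_value: Dict[str, str] = {}
        self._value_to_token: Dict[str, str] = {}

    def tokenize(self, value: str, max_tries: int = 100) -> str:
        # Same plaintext -> same token, so rows can still be joined on it.
        if value in self._value_to_token:
            return self._value_to_token[value]
        for _ in range(max_tries):
            token = _random_token(value)
            # Reject collisions and the (unlikely) token equal to the plaintext.
            if token != value and token not in self._token_to_value:
                self._token_to_value[token] = value
                self._value_to_token[value] = token
                return token
        raise RuntimeError("token space exhausted for %r" % value)

    def detokenize(self, token: str) -> str:
        return self._token_to_value[token]


def protect_record(record: Dict[str, str], vault: TokenVault,
                   sensitive: Iterable[str] = SENSITIVE_FIELDS) -> Dict[str, str]:
    """Copy of record with each sensitive field replaced by its token."""
    out = dict(record)
    for field in sensitive:
        if field in out:
            out[field] = vault.tokenize(out[field])
    return out


def restore_record(record: Dict[str, str], vault: TokenVault,
                   sensitive: Iterable[str] = SENSITIVE_FIELDS) -> Dict[str, str]:
    """Inverse of protect_record, for the few callers allowed to see PHI."""
    out = dict(record)
    for field in sensitive:
        if field in out:
            out[field] = vault.detokenize(out[field])
    return out


def leaked_plaintext(protected: List[Dict[str, str]], originals: List[Dict[str, str]],
                     sensitive: Iterable[str] = SENSITIVE_FIELDS) -> Set[str]:
    """Sensitive plaintext values still visible in the protected rows.

    Models what an attacker who dumps the application table would get; for a
    correctly tokenized table the result is empty.
    """
    sensitive = tuple(sensitive)
    secret_values = {r[f] for r in originals for f in sensitive if f in r}
    visible = {v for r in protected for v in r.values()}
    return secret_values & visible
```

Running `rows = [protect_record(r, TokenVault()) ...]` against `SAMPLE_RECORDS` and then `leaked_plaintext(rows, SAMPLE_RECORDS)` returns an empty set, while `restore_record` round-trips each row through the vault. The design choice worth noting is that the vault, not the key, becomes the crown jewel: it needs stricter network isolation, authentication and audit logging than the application database it protects, and short or low-entropy fields (a single-digit code, for instance) have so few possible tokens that collisions force the `max_tries` guard.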
Capital One data breach hacker sentenced.
US District Judge Robert S. Lasnik has sentenced former Amazon systems engineer Paige Thompson, the hacker behind the 2019 data breach of US financial services firm Capital One, to time served and five years of probation. As CNET recounts, Thompson accessed cloud storage buckets owned by Capital One and exfiltrated the personal data of over 100 million individuals. Prosecutors had sought a seven-year sentence, and Thompson could have faced up to twenty years in prison for wire fraud. Explaining his ruling, Judge Lasnik said sending Thompson to prison would have been "particularly difficult on her because of her mental health and transgender status.” The Register posits Judge Lasnik was also swayed by Thompson’s statement that she hoped to contribute to society in the future. US Attorney Nick Brown expressed his disappointment in the ruling, stating, “Ms. Thompson’s hacking and theft of information of 100 million people did more than $250 million in damage to companies and individuals. Her cybercrimes created anxiety for millions of people who are justifiably concerned about their private information. This conduct deserves a more significant sanction.” A hearing in December will determine how much Thompson will pay her victims in restitution.
Election software CEO arrested for alleged data theft.
Eugene Yu, founder and CEO of Konnech, an American software company targeted by US election deniers, was arrested on Tuesday on suspicion of data theft. Based in Michigan, Konnech won a five-year, $2.9 million contract with Los Angeles County in 2020 for PollChief, software used to track election worker schedules, training, payroll, and communications, AP News explains. In violation of Konnech’s contract, Yu allegedly stored county poll worker information on servers in China. “With the mid-term General Election 35 days away, our focus remains on ensuring the administration of this election is not disrupted,” said Dean C. Logan, the LA County registrar-recorder/county clerk. A statement from Konnech reads, “We are continuing to ascertain the details of what we believe to be Mr. Yu’s wrongful detention by LA County authorities…Any LA County poll worker data that Konnech may have possessed was provided to it by LA County, and therefore could not have been ‘stolen’ as suggested.” Gizmodo notes that election conspiracy theorists have circulated unfounded claims that Konnech has ties to the Chinese Communist Party, using the ethnic background of Yu and his employees as their only evidence. According to the district attorney’s office, there is no evidence that any election workers have been bribed or extorted, and an investigation will determine whether any of the data fell into the wrong hands.