[ISN] Ransom, implant attack highlight need for healthcare security

http://www.csoonline.com/article/725880/ransom-implant-attack-highlight-need-for-healthcare-security By Taylor Armerding CSO January 08, 2013 All healthcare data breaches are not equal. They’re all bad, and reaching epidemic levels. The security testing company Redspin, for one, found that Protected Health Information (PHI) breaches nearly doubled from 2010 to 2011. The Department of Health and Human Services has reported 525 breaches of 500 or more records, involving 21.4 individuals over the past three years, said Redspin president and CEO Daniel Berger. But the raw numbers are only a piece of the story. Gienna Shaw, editor of FierceHealthIT, wrote in a post this week: “It’s not the numbers that interest me most. It’s the stories behind them,” she wrote. “And there are so many stories …” One involved the Surgeons of Lake County, a small medical practice in Libertyville, Ill. Hackers broke into the system last summer, gained access to the names, addresses, Social Security numbers, credit card numbers and some medical information on more than 7,000 patients, then encrypted all the information and demanded a ransom. Another involved medical students creating fake identities so they could post patient information on Facebook and other social media sites. A third involved malware infecting hospital equipment. […] ______________________________________________ Visit the InfoSec News Security Bookstore Best Selling Security Books and More! http://www.shopinfosecnews.org