Another week and another data
breach happens. In week 9 a Texas mental health institute was breach. Emergence
Health Network in El Paso, Texas was a victim of an internet attack that dates
as far back as 2012. Over 11,000 patients were affected from this breach (McGee,
2015). Hospitals and any other institution that hold peoples personal
information need to realize that they will be targeted, because of the valuable
information they hold.
After finding out about unauthorized
activity on the server, Emergence Health Network shutdown the server. Emergence
Health Network reported the breach to the U.S. Department of Health and Human
Services on October 16th, 2015. They alerted the authorities and
called in a third party to run forensics on the server. The third party company
found that the unauthorized access to the server could date back to 2012. The
information stored on the server included patients' first and last names,
addresses, dates of birth, Social Security numbers, case numbers and
information indicating that the individual accessed services from EHN or Life
Management Center El Paso, the entity's previous name (McGee, 2015). The third party
also found that no data was copied or stolen from the server. The third party company
thinks that this attack may have been a way to get to another company’s data. Emergence Health Network will be providing
patients with free credit monitoring depending on the case.
After the breach Emergence
Heath Network has went through a security overall. They have improved their
firewalls and have even hired a third party company to monitor its network. The
real question is why wasn’t Emergence Health Network using better information
security protection in the first place. After writing this blog for over 8
weeks it seems companies always add more security after they have been
breached. The reason for this is because the security is the lowest on the
totem pole, but after a breach it becomes top priority.
References
McGee, M. (2015, October 27).
Texas Mental Health Center Hacked. Retrieved November 1, 2015, from
http://www.databreachtoday.com/texas-mental-health-center-hacked-a-8631
No comments:
Post a Comment