Slashdot Mirror

← Back to Stories (view on slashdot.org)

Thousands of Patient Records Held for Ransom in Ontario Home Care Data Breach, Attackers Claim (www.cbc.ca)

Posted by msmash on from the security-woes dept.

CBC reports: The detailed medical histories and contact information of possibly tens of thousands of home-care patients in Ontario are allegedly being held for ransom by thieves who recently raided the computer systems of a health-care provider. CarePartners, which provides home medical care services on behalf of the Ontario government, announced last month that it had been breached. It said only that personal health and financial information of patients had been "inappropriately accessed," and did not elaborate further. However, a group claiming responsibility for the breach recently contacted CBC News and provided a sample of the data it claims to have accessed, shedding new light on the extent of the breach. The sample includes thousands of patient medical records with phone numbers and addresses, dates of birth, and health card numbers, as well as detailed medical histories including past conditions, diagnoses, surgical procedures, care plans and medications for patients across the province.

2 of 33 comments (clear)

  1. Once again . . . by hduff · · Score: 3, Insightful

    Once again, a company that is supposed to protect sensitive personal information fails to provide available security measures and exposes sensitive personal information to a host of bad actors. This kind of neglect usually is not at the IT level, but all the way at the top.

    --
    "I believe in Karma. That means I can do bad things to people all day long and I assume they deserve it." : Dogbert
    1. Re:Once again . . . by nuckfuts · · Score: 3, Insightful

      Yes, protecting sensitive data is an important corporate responsibility, but you seem to be placing 100% of the blame on the victim.

      Having worked as a System Administrator, I can tell you it's not easy to make anything completely secure. There are zero-day exploits. There are hackers who reverse engineer the latest security patches before you arrive at work and have a chance to evaluate & install them. There are extremely talented individuals who work relentlessly, day and night, to find new ways to circumvent your defenses.

      So when, inevitably, someone's security is breached, save a bit of your condemnation for the person(s) committing the crime. There are people holding companies for ransom with no regard for the amount of damage they create. This is what's truly reprehensible.