Scams from HSE data hack could last months  | #socialmedia

The public will have to be vigilant about potential scams using healthcare data for a number of months, according to a security expert.

The criminal gang which hacked the HSE servers may release or sell on the data as they have threatened, but the impact is unlikely to be seen for some time, said Rosie Coffey from the University of Limerick.

Ms Coffey, head of enterprise architecture and security, said: “The inevitable next step is they are going to use that data, it is a scammers’ paradise. The data now has to be assumed to be available.” 

She said anyone who dealt with the HSE or Tusla should be “extra vigilant in relation to anything to do with your personal data”.

No large data dump

So far, there has not been the large data dump some people feared.

“People know now that Ireland is on high-alert,” Ms Coffey, a member of Cyber Women Ireland said.

It is going to be in the weeks and months to come that there will be increased scams.” 

Anyone receiving calls suggesting a refund or extra payment is due on healthcare should not give out personal details, Ms Coffey said.

She recommends instead asking which healthcare provider the person is claiming to call from, and then hanging up before calling that place to check. 

People should not dial back using the number the scammer called on, but should instead independently find the number.

While older people might be seen to be more vulnerable to this, Ms Coffey said younger people are more used to sharing health data online and should be equally alert.

She also warned that scammers who buy this data may harvest details from public social media accounts to add to the information they use on the call or text.

Garda confidential line

A Garda spokesman said anyone receiving a suspicious call should contact the Garda confidential line immediately. He said they do not yet have “specific data” on how many people have done this.

Referring to reports of patients getting scam calls looking for bank details, he said: “An Garda Síochána has not confirmed with full certainty that any personal records or data reported to have been circulated are in fact genuine even though this is probable and would be a feature of these attacks.” 

Meanwhile, hospital patients are being asked to bring any medical documents they have to help with care until staff can access records. Old discharge letters, for example, might have the patient’s MRN code.

But patient advocate Olive O’Connor said most patients do not have any access to their own charts or health data.

She said: “The HSE should implement national guidelines that all patients and carers are included in communications so they have access to their own care plans.” 

Ms O’Connor, an Irish patient reviewer for the British Medical Journal, said this hack has shown the consequences of not sharing data with patients.

The FBI said today it has identified at least 16 Conti ransomware attacks in the last year, on “US healthcare and first responder networks, including emergency medical services, 9-1-1 dispatch centres”.

Garda Síochana confidential line: 1800 666 111 or a local Garda station.

Original Source link

Leave a Reply

Your email address will not be published.

ninety eight − 89 =