Alberta health data threatened by virus
p2pnet news view | Security:- Thousands of Albertans are being warned their personal and private medical information may have been seriously compromised.
Provincial privacy commissioner Frank Work made the “dire diagnosis” as police were investigating, “how someone hacked into the Alberta Health Services computer system in Edmonton and had a chance to view and photograph the medical files of 11,582 people,” says the Edmonton Sun.
Compromised data included names, addresses, health-care numbers, lab test results and diagnoses, the story has officials saying.
“I’m very worried,” said Work, who’s, “awaiting forensic results from AHS information systems experts that might determine how the security breach could have happened”.
Electronic medical records were exposed from May 14-29, “”after an attack by new variations of a Trojan-horse-style virus called Coreflood and Coreflood.C that could have come in via an e-mail, a laptop or other device,” the story quotes Bill Trafford, AHS senior VP and CIO discerning.
“Trafford admitted those forms of viruses have been circulating for several years but new variations can essentially be tweaked to beat the most up-to-date anti-virus software,” the Sun says.
Coreflood infected only the Edmonton network, “but patient files from anywhere in Alberta may have been affected,” says AHS spokeswoman Shannon Evans in the Calgary Herald.
Evans said the virus worked by taking sporadic screen shots of infected computers.
“So say somebody was looking at a Word document, it might have taken a screen shot of that and then that data would be uploaded to a server outside the AHS network,” she said.
People with concerns can contact 1-877-583-9977.
Edmonton Sun – Privacy breach shocker, July 9, 2009
Calgary Herald – Files at risk after virus infects Alberta Health computer, July 8, 2009
Use free p2pnet newsfeeds for your site. It’s really easy!
Subscribe to p2pnet.net | | rss feed: http://p2pnet.net/p2p.rss | | Mobile – http://p2pnet.net/index-wml.php
Net access blocked by government restrictions? Use Psiphon from the Citizen Lab at the University of Toronto. Go here for details.
July 9th, 2009 at 1:17 pm
Hum, I know our hospital is using Windows. I wonder if that has any bearing on the entrance vector.
There was a recent paper (I don’t have the link) that says companies have to look at the cost of fighting and cleaning up after a virus infection when calculating their costs of ownership when using Windows. I wonder how much this is going to cost Albert Health and how much stress this is going to cost those people being affected. I wonder if I am going to be one of them.
In one report, an average virus attack can cost a major corporation about 2 million dollars.
July 10th, 2009 at 11:25 am
Here is a recent article on how bad it can get if your medical system gets a virus.
NHS hospitals struggle to hold back the malware tide
http://www.theregister.co.uk/2009/07/10/nhs_malware/
It found that the problem turned out to be much worse than originally announced.
I wonder if the administrators in the Alberta attack clean and reinstall the systems or just “clean” them.
Again, I wonder how much this is costing use tax payers?