backtop


Print 34 comment(s) - last by mindless1.. on May 11 at 9:00 PM

The state has refused to pay the $10M ransom demand

Days after it was revealed a hacker successfully compromised the Virginia Health database and stole records of more than 8 million patients; the state of Virginia announced it will not pay a requested $10 million ransom.

The database is used by pharmacies and doctors to track narcotics and painkiller prescriptions, in an attempt to reduce the amount of abuse, theft and illegal sales of popular prescription drugs.

Both the Virginia state police and FBI are looking into the matter, with Virginia Governor Timothy Kaine saying this is a "crime and it is being treated that way."

The state has refused to pay the ransom, and will instead rely on the FBI's investigation to locate and prosecute the people responsible for this data intrusion.

Since the breach last week, the Department of Health Professions shut down its computer network, and all data has been successfully backed up.  The DHP has issued a statement saying it can "assure the public that all precautions are being taken for DHP operations to continue safely and securely."

Hackers’ attempts to steal personal information or hold data for ransom has increased in popularity, with hackers routinely stealing Social Security Numbers and other personal information so it can be sold to identity thieves.  There is a growing concern over foreign-based hacker groups that are bankrolled by countries such as China and Russia, who are targeting U.S.-based computer networks.

The FBI hasn't said if they believe this data intrusion to be the work of foreign hackers, but it's a link they're likely looking into during the investigation.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: It just goes to show....
By AntiM on 5/8/2009 1:22:01 PM , Rating: 2
The good thing about physical hard copy records is that as far as I know, nobody can steal millions at one time within a matter of seconds and then distribute them just as easy.

I don't mind electronic medical records provided I can be assured that they will be 100% safe from hackers and other fraudulent use. However, apparently, there's no way to make them 100% safe and unhackable. Therefore, sad as it seems, paper is more secure than digital.

I understand what you're saying, EMR is coming, and our privacy is going... Not much we can do about it.


RE: It just goes to show....
By jeff4IT on 5/8/2009 1:56:33 PM , Rating: 2
I agree there is huge privacy and identity theft potential in EMR.

Combined with a lack of a reliable patient identity verification process and you have a great opportunity for increase in health record theft by cyber criminals.

There is already a growing business for stealing medical information. In many cases identifying information is sold to desperate people who need care but don't have health insurance.

Unfortunately, the lack of EMR in the US leads to huge costs in health care. Also, more importantly, lack of patient information or inaccurate informaiton causes many thousands of deaths every year.

Saving lives will have to take precedence over privacy and theft. As patients we should demand that our government and health organizations set higher standards for protection of health data.

HIPAA is a good start but doesn't go far enough and isn't in touch with what modern security technology can delivery.


"My sex life is pretty good" -- Steve Jobs' random musings during the 2010 D8 conference

Related Articles













botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki