Hitrust suffers hacker attack
Outliers is gonna file this one under “Physician, heal thyself.” It seems one of the more prominent organizations devoted to health IT data security ran into a little data security lapse. Yes, the Health Information Trust Alliance got hacked. Oops.
Hackers TeamBerserk—which also claims to have hacked the Department of Homeland Security and Chief Marketing Officer Council, among other organizations—boasted of the achievement May 26 via Twitter: “LOOOL hitrustalliance #hacked #rooted and connected boxes #rooted by #TeamBerserk.”
Frisco, Texas-based HITrust was quick to issue a statement saying it really wasn’t a big deal. HITrust said it had “a noncritical, stand-alone public Web server compromised by an SQL injection that resulted in some test data being leaked.” The hack exposed 111 records that included “some real names, companies, addresses, phone numbers and e-mail addresses” and six encrypted passwords. The data were from rosters of planning meetings in 2008, according to the statement. No personal health or other sensitive information was breached.
“We have updated our policies both to noncritical, nonsensitive Web servers and our test environments and will secure our test environments and public general information websites to a higher assurance level,” the statement continued.
TeamBerserk took to Twitter to boast of hacking HITrust.