Hitrust suf­fers hacker at­tack

Modern Healthcare - - OUTLIERS ASIDES & INSIDES -

Out­liers is gonna file this one un­der “Physi­cian, heal thyself.” It seems one of the more prom­i­nent or­ga­ni­za­tions de­voted to health IT data se­cu­rity ran into a lit­tle data se­cu­rity lapse. Yes, the Health In­for­ma­tion Trust Al­liance got hacked. Oops.

Hack­ers TeamBerserk—which also claims to have hacked the Depart­ment of Home­land Se­cu­rity and Chief Mar­ket­ing Of­fi­cer Coun­cil, among other or­ga­ni­za­tions—boasted of the achieve­ment May 26 via Twit­ter: “LOOOL hitrustal­liance #hacked #rooted and con­nected boxes #rooted by #TeamBerserk.”

Frisco, Texas-based HITrust was quick to is­sue a state­ment say­ing it re­ally wasn’t a big deal. HITrust said it had “a non­crit­i­cal, stand-alone pub­lic Web server com­pro­mised by an SQL in­jec­tion that re­sulted in some test data be­ing leaked.” The hack ex­posed 111 records that in­cluded “some real names, com­pa­nies, ad­dresses, phone num­bers and e-mail ad­dresses” and six en­crypted pass­words. The data were from ros­ters of plan­ning meet­ings in 2008, ac­cord­ing to the state­ment. No per­sonal health or other sen­si­tive in­for­ma­tion was breached.

“We have up­dated our poli­cies both to non­crit­i­cal, non­sen­si­tive Web servers and our test en­vi­ron­ments and will se­cure our test en­vi­ron­ments and pub­lic gen­eral in­for­ma­tion web­sites to a higher as­sur­ance level,” the state­ment con­tin­ued.

TeamBerserk took to Twit­ter to boast of hack­ing HITrust.

Newspapers in English

Newspapers from USA

© PressReader. All rights reserved.