The week in security: Healthcare breach prompts govt security response

Tax giant H&R Block took a big step with the implementation of a new staff-onboarding system that uses a secure identity framework to confirm identity, while US shipping company United Parcel Service (UPS) was trying to confirm some other identities after its UPS Store subsidiary was hit with a security breach that saw malware loaded on systems in 51 stores.

Analysis of a 300Gbps DDoS attack earlier this year found that hackers managed to pull it off by exploiting an obscure motherboard-level flaw, while two US supermarket chains were hacked through less esoteric means. News reports suggested Foreign Minister Julie Bishop's mobile was hacked while she was liaising with overseas peers to discuss the shooting down of flight MH17, while Chinese hackers broke into the systems of major US hospital operator Community Health Systems and stole data on 4.5 million patients.

That compromise prompted the inevitable analyses suggesting that healthcare organisations are too lax on data security,while others said the breach was due to an attack on a Heartbleed flaw. Either way, the breach prompted US government agencies to commit to a faster response and better information sharing with healthcare organisations.

Register or Login to continue

This article is only available for subscribers. Sign up now for free and get free access to premium content from ARN, CIO, CSO, CMO, Computerworld, and PC World.

[[ message ]]
[[ message ]]

Tags DDoS attackdigital signatures

Show Comments