If you read our article yesterday, you saw how much chaos can result from an insider going rogue. In fact, a large number of the breaches that continue to happen in our modern age stem from insiders. The reason that these breaches occur can vary. It could be an upset staff member or ex-staff member looking to take a hit at the organization, or some outsider attackers will even pay insiders large amounts of money to give them access or exfiltrate information. And it could even be an accidental changed setting or action that allows for massive amounts of data to be leaked. In yet another case of an insider breach, the Detroit Medical Center has suffered a leak of patient information as the result of an insider.
According to reports, an employee from a staffing agency contracted by the DMC had provided information to an unauthorized party that was not connected with the DMC. The breach may have affected 1,529 patients, and it involved “protected health information” from patients that were seen between March 2015 and May 2016. There does not appear to be any reports that detail the exact information that was affected in the breach. Though, it must have been somewhat sensitive data, as the center has notified those potentially affected, as well as offered them free credit monitoring services through ALLClear ID Alert Network. Once the DMC became aware of the breach, they began mitigative actions by reviewing all of the digital health records of which the employee had access. In addition, they terminated the relationship with the employee and their access to all of the DMC systems. The center has set up a hotline for the purpose of answering any questions related to the breach. They had also contacted law enforcement regarding the theft, and they are currently cooperating with an ongoing investigation.
The Frequent Targeting of Healthcare Organizations
Unfortunately, breaches of medical organizations continue to happen frequently. In fact, healthcare tends to be in the top 3 industries that are targeted in cyber attacks and breaches. This is largely due to the massive amount of personal and financial information that they can hold, all of which can be a treasure trove for those with malicious intent. This data can be used for various types of fraud, as well as sold on the black market for a pretty penny. Attackers could also use some of the data to contact those affected and potentially scam them for further loss. A scammer can be much more convincing when they are able to provide data that no one else would have, making it easy for them to portray themselves as a legitimate person or organization and take advantage of individuals.
Defending from Breaches and Attacks with Cyber Security Monitoring
Of course, not all breaches stem from insider threats, as many can come about through brute force attacks or clever methods of slipping under the radar. A large issue with data breaches and cyber attacks is that many organizations do not discover them for some time, which allows the threat to exfiltrate more data or cause further damage. This is where cyber security monitoring is absolutely vital. Proper monitoring allows an IT staff member or dedicated analyst to have a more extensive awareness of the status of their networks and systems. Any sort of anomaly or indicator will be relayed to them, which they can then investigate and handle if turning out to be malicious. This allows for threats attempting to breach or exfiltrate to be immediately discovered, rather than going undetected for months or years. Massive Alliance offers comprehensive cyber security monitoring that can help organizations to protect themselves in real time.