We share identity management lessons provided by cybersecurity experts from the UC San Diego health attack.
As we discussed in a previous article, the health attack on UC San Diego sparked a deep conversation between cybersecurity experts on its impact and consequences.
Part of this conversation involves identity management experts and their advice. Here are the main lessons we learned.
Identity management lessons from the UC San Diego health attack
Robert Prigge is CEO of Jumio.
“The UC San Diego Health data breach was the result of unauthorized access through employee accounts after a phishing attack, highlighting how healthcare organizations have yet to implement appropriate security that could protect the identity of employees and patients. It is highly likely that personally identifiable information was accessed or obtained during this breach, putting victims at risk of fraud or identity theft. Fraudsters can exploit medical records, lab results, social security numbers, and government ID numbers to impersonate legitimate patients and commit insurance fraud, search for covered medical care, and renew unauthorized prescriptions. It is also possible that the exposed information is already circulating on the dark web – where it can be of great value because there is more personal information in health records than any other electronic database. As the healthcare industry moves towards telemedicine and remains a lucrative target for cybercriminals, it is critical that facilities have confidence that their patient is who they claim to be. The use of biometric authentication (using a person’s unique human traits to verify identity) confirms the identity of the patient, which allows healthcare organizations to approve or deny accounts online, meeting requests and attempted purchases while protecting employee email accounts from phishing attempts.
Alicia Townsend is a technology evangelist at OneLogin.
“Once again, another healthcare facility was the victim of a phishing attack. Unfortunately, malicious actors are constantly trying to take advantage of healthcare workers in order to gain access to such a rich source of personal patient information. The extent of this particular breach has not yet been fully discovered, although early reports suggest that the bad actors were unable to gain access to a few employees’ email accounts. While they did not appear to have full access to the full patient information data stores, they did have access to the personal information of a number of patients, ranging from basic contact information to numbers. social security through medical history.
UC San Diego Health said it has taken steps to improve its security processes and procedures. We can only hope that this includes requiring additional authentication factors when their users log in to access all resources including emails. But even they admit that they need “the community to remain vigilant in the face of threats.” We have said it before and it bears repeating: healthcare establishments must implement safety training for all their users. Everyone should be educated on how to spot phishing attempts, how to protect their passwords, the importance of using additional authentication factors, and what to do if an attack is suspected.
Thank you to these identity management experts for their time and comments on the UC San Diego health attack. For more information, consult the Identity Management Buying Guide or the Solution suggestion engine.