- This topic has 5 replies, 6 voices, and was last updated 1 year, 5 months ago by Tanatorn Tilkanont.
-
AuthorPosts
-
-
2022-09-21 at 4:54 pm #38220Siriphak PongthaiParticipant
1. Provide a brief description of the story.
CorrectHealth (CH), which provides healthcare to individuals inside correctional facilities, reported a data breach that impacted 54,000 individuals. CH discovered several employees email accounts were accessed by unauthorized individual on November 10, 2021. A comprehensive review of the affected accounts, that may have been exposed between March and July 2022. The incident potentially impacted full names, Social Security numbers, and addresses. Then CH issued all employees to reset their passwords, deployed an advanced phishing service, put disclaimers on all externally received emails, implemented multi-factor authentication, a single sign-on solution for clinical staff, and conducted weekly data security and monthly simulated phishing training for all employees.2. What is/are the impact of this data breach? Consequences of the data breach.
Those affected data can be misused and illegally used as the impact of this data breach. For example, full name and security number, also addresses, can be used in verifying and identifying financial related procedures including but not limited to bank accounts, credit cards or credit bureaus, and insurance reimbursement. Then individuals whose information were potentially disclosed should be closely monitored and aware for suspicious or unauthorized activities.3. How did the data breach occur?
The data breach occurred by accessing through emails of CH’s employees and gaining individual information from employee’s emails, not sure if attackers could also access employee’s computer or not. But confirmed patients’ protected health information (PHI) was present in the breached email accounts.4. What should be the main cause of the data breach? Provide a brief explanation of the cause of data breach, such as phishing, ransomware, HIPAA violation, database misconfiguration, human error, third-party vendor error)?
The main cause of the data breach in this scenario was caused by external accessed through employee emails, which it is phishing. Phishing is a type of cybersecurity attack which attackers send messages by email pretending to be a trusted person or organization. Since employee clicked a link to a malicious website that subsequently compromised their email account. Attackers can use employee’s credentials to remotely log in, access employees email accounts, and subsequently gather patient’s information.5. How could you prevent this data breach attack?
To prevent data breach attack, organization should educate and their employees about security awareness. This includes not to click suspicious link or attachment from external received emails. If employees suspect a suspicious email within their outlook or inbox, they should report phishing to IT department. Employees should also not use or share USB from external computer and if necessary, the USB should be checked by IT administer. Also, all suspicious emails and websites should be automatically blocked by network system. In addition, organization should have issued changing password policy, for instant every 90 days, and two-factor authentication in verifying and identifying individual to prevent unauthorized accessed. Lastly, having vendors in preventing data breach through many ways are very important for data integrity and confidentiality.By initiating and conducting security awareness training, also refresher of this training every year or periodically, will enhance employee’s awareness to cybersecurity breaches. Yet, continuing monitor of suspicious or unauthorized accessed and activities are another key to early detect of cyberattacks.
-
2022-09-22 at 8:39 pm #38243Boonyarat KanjanapongpornParticipant
Thank you for your comprehension,
For Phising protection, I agree with you on raising security awareness and knowledge among workers. These are some of the most important protection. Using vendor for data prevention is also a great idea for big organizations. However, if they are limited in budget, I would suggest to protect the system connection and software as well by using protection program such as firewall, and to regularly detect software vulnerabilities.
Thank you. -
2022-09-24 at 4:23 pm #38309SaranathKeymaster
People ware is the most important factor for the system security. Thanks for sharing!
-
2022-09-24 at 10:24 pm #38330Tanyawat SaisongcrohParticipant
Thank you for sharing. Besides user security methods that you mentioned, network security such as using secure network protocols, access control to network devices and data encryption during transit should be concerned.
-
2022-09-25 at 2:41 pm #38343SIPPAPAS WANGSRIParticipant
In my opinion, although not a preventive measure, event logs could be used to trace suspicious activity. To prevent this kind of attack, raising employees about Phishing attack such as carefully check the correct URL is crucial and is utmost important. After phishing is successfully done, the compromised credentials need to be revoked as soon as possible to prevent further damage.
-
2022-10-03 at 12:24 am #38502Tanatorn TilkanontParticipant
Education is a key!
Thanks for comprehensive information.To prevent Phishing, user should be able to identify a Phishing e-mail by training user on how to spot a phishing email. Additionally, installation of the Anti-Phishing add-ons or Data Security Platform to detect the signs of an attack would be another way to prevent this phishing attack.
-
-
AuthorPosts
You must be logged in to reply to this topic. Login here