Disclaimer: We may earn a commission if you make any purchase by clicking our links. Please see our detailed guide here.

Follow us on:

Google News
Whatsapp

Hackers Mining Third-Party Apps to Steal Your Health Data: Report

IANS
IANS
Meet the voice behind Indo-Asian News Service (IANS), a storyteller navigating the currents of global events with precision and depth. Crafting narratives that bridge cultures, IANS brings you the pulse of the world in every word

Hospitals and health care systems have become a major target for hackers during the Covid-19 pandemic. A new report has claimed that third-party apps that pull patient data from electronic health record (EHR) systems are vulnerable to hacking.

The researchers at app security company Approov were able to access over 4 million patient and clinician records from over 25,000 providers through third-party apps that link up with hospital health records to pull out data.

Cybersecurity analyst Alissa Knight got access to more than 4 million patient and clinician records by exploiting vulnerabilities in data aggregators’ application programming interfaces, along with associated apps that track medications and share patient records, – reports STAT News.

The records included demographics, lab results, medications, procedures, allergies, and more.

“Collectively, the tested tools can read and write data to the major EHR systems,” the report said on Monday.

Knight checked for vulnerabilities in apps built using the Fast Healthcare Interoperability Resources (FHIR) standard.

“She didn’t need to use advanced cybersecurity hacking. She just used basic stuff that your freshman year of cybersecurity would have stressed,” said John Moehrke, a member of the FHIR management group.

The electronic health records housed at hospitals and health centers are well protected.

“But as soon as a patient gives permission for their data to leave the health record and head toward a third-party app – like programs that track people’s medications, for example – it’s easy for hackers to access,” The Verge reported.

The hacking attempts on the healthcare industry began to rise last year during the pandemic.

In 2020, 1 million people were affected almost every month by data breaches at healthcare organizations, according to health and human services (HHS) data.

According to warnings from intelligence agencies in the US, Europe, and Canada, nation-state-backed hackers are also trying to infiltrate healthcare systems and steal vaccine-related research and other information.

Four years ago, the UK’s National Health Service (NHS) suddenly found itself one of the most high-profile victims of a global WannaCry ransomware attack.

Recomended

Partner With Us

Digital advertising offers a way for your business to reach out and make much-needed connections with your audience in a meaningful way. Advertising on Techgenyz will help you build brand awareness, increase website traffic, generate qualified leads, and grow your business.

More from this topic