In Béthune in Pas-de-Calais, medical files from a private clinic were freely accessible on the web for three days. Blame it on the firewalls that were open.
2015 will be the year of the “hospital hack”, predicted in December 2014 the magazine MIT Tech Review . And France has not escaped this threat. The list of affected establishments is long. Among them, the Polyclinique de Blois (Loir-et-Cher) which faced an extortion attempt through its computer system.
Then shortly after, the group of hackers Rex Mundi attacked the laboratory of medical biology Labio, from which it asked 20,000 euros under penalty of disseminating the results of analyzes of patients on the Internet. Finally, the 1er May 2015, at the Marie Curie Center (Valence), members of the radiotherapy department discovered with amazement the pirating of two network disks containing the data of patients, who, for 24 hours, could not undergo their radiotherapy session.
The end of a computer black series for healthcare establishments? Not really.
Open access documents
The year 2016 also seems to have its share of IT concerns for the health sector. First with malicious geeks attacking a Californian hospital, or recently in Béthune (Pas-de-Calais), when following a bug, medical files were freely accessible on the web for at least three days.
In this story reported by The voice of the North, it was a researcher in history who was the first to discover the fault. While searching the internet for old news items in the region, the man came across some strange links. Some referred it directly to the medical records of patients of the Private Hospital Group of Artois. And for some patients, it was in addition to very recent files!
In free access on computer screens, anyone could find a multitude of documents in PDF: results of blood tests, ultrasound reports, scanners, or even, the inclinations of patients for alcohol . Worse, the names and addresses of patients were found.
A firewall problem
Contacted by the regional daily on Thursday, the management confided in their astonishment: “I have not heard of a computer hacking,” said Olivier Verriez, CEO of the private hospital group Artois-Nord-Littoral. Fortunately, everything was back to normal during the day. “From now on, the Internet site is authorized only to doctors via an identifier and a secret code, everything is again secure”, he assured.
“Our service provider carried out an intervention on Tuesday. He had lifted the firewalls … and forgot to close them! It is an immediate and remote repair, everything is back to normal, ”he concluded.
The importance of ensuring the correct adjustment of the “firewall” of your computer system …
Posted by Why doctor on Friday, February 19, 2016
.
