[BreachExchange] Hospital hack prompts call for cooperation

[Sophia Kingsbury]

https://www.bangkokpost.com/thailand/general/2179295/hospital-hack-prompts-call-for-cooperation

The Cyber Crime Investigation Bureau is seeking cooperation from the
kingdom's international partners, including the United States, to
investigate the hacking of a patient database at Phetchabun Hospital.

A security breach was reported early this week after a user on
raidforums.com, a database sharing and marketplace discussion forum, on
Sunday claimed to be selling 16 million patient records that were stolen
from the Public Health Ministry.

The ministry later clarified that data was stolen from Phetchabun Hospital
when its servers were breached. Data for over 10,000 patients was stolen by
the hacker, the hospital said.

Attempting to quell concerns over the matter, the hospital insisted the
hacked data only contained general and primary information provided by
patients, noting the stolen data did not contain any medical or diagnostic
information.

Meanwhile, the Bhumirajanakarindra Kidney Institute Hospital recently
revealed that 40,000 of its patient records were stolen and its data system
was damaged during a security breach, resulting in the hospital being
unable to access its X-ray archive.

Thirachai Chantharotsiri, director of the hospital, said the facility
received a phone call from a foreigner who claimed to have important
information about the hospital's database and tried to negotiate for a
payment.

The hospital lodged a complaint with police on Wednesday.

The CCIB said its preliminary investigation showed that a group of Indian
hackers was behind the security breach at Phetchabun Hospital, and it was
using a server in Singapore.

The group was also likely behind the hacking of a computer system at a
hospital in the Northeast and that of Krungthai Bank, the CCIB had said
earlier.

However, Pol Lt Gen Kornchai Klayklueng, commissioner of the CCIB, on
Thursday said more recent information indicates the hackers were operating
in the US.

The CCIB will seek cooperation from US authorities and other international
agencies to track them down.

He said the initial findings suggest Phetchabun Hospital downloaded a free
content management system (CMS) programme without setting a proper IP
address, and that opened a way for hackers to enter.

Breaches in other state and private agency databases are likely to be
associated with the compromised CMS programme, Pol Lt Gen Kornchai added.

He said the number of victims in this case is likely to be higher than that
reported by the media as the CCIB has found stolen records being sold on
the discussion forum.

Minister of Digital Economy and Society Chaiwut Thanakamanusorn said the
ministry will tell state agencies to be more aware of the importance of
data protection and boost measures in the wake of the breaches.

He said that the Cybersecurity and Computer Crime Acts are key legal tools
in dealing with cyber security threats.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20210910/e7258bc4/attachment.html>