Jump to content


Health Ministry presses charges against hospital database hacker


snoop1130

Recommended Posts

bcbba740c3dd36d514066bc568cd23a3_small.jpg

 

BANGKOK (NNT) - The Ministry of Public Health is pressing charges against the hacker leaking personal information from a hospital database, confirming the incident is not a ransomware attack, and that no sensitive information has been leaked.

 

The Ministry of Public Health (MOPH) today announced it is pressing charges against the hacker who has obtained and sold personal data from a hospital database in Thailand.

 

This response from the Health Ministry comes after an offer posted on 5th September posted in an online forum to sell a set of data containing 16 million records hacked from a hospital in Thailand.

 

The Deputy Permanent Secretary of Public Health, Dr Thongchai Keeratihattayakorn said today the investigation and initial damage assessment launched by the ministry shows the information leaked is a set of 10,095 patient records obtained from a hospital in Phetchabun province, including personal information such as names, addresses, and phone numbers.

 

The leaked data also includes hospital-related data such as shift rotations and appointment schedules. However, no information related to patients’ treatment is included.

 

Dr Thongchai said the ministry believes the hackers involved in the case are the same group as those behind the ransomware attack at Saraburi Hospital last year.

 

Dr Anan Kanoksilp, Director of the MOPH’s Information and Communication Technology Center, said today the hospital in this case is found to be using an open-sourced application requiring internet connection as part of its IT system, creating vulnerability yo cyber attacks.

 

To date, the hospital has disabled its connection to external networks, while its IT systems are still operational. The incident is also not a ransomware attack, where the hacker would encrypt the data preventing any access, and demand payment in exchange for the decryption key.

 

Dr Suttipong Wacharasindhu, Deputy Secretary General of the National Health Security Office, commented today that health-related personal information must be treated as confidential. The exposure of such information causing damage considered a breach of personal rights, an offense punishable by the National Health Act with up to six months imprisonment, a 10,000 baht fine, or a combined penalty.

 

Following the incident, the Ministry of Public Health has pressed charges with the police against the hacker.

 

Deputy Prime Minister and Minister of Public Health Anutin Charnvirakul, said today the ministry will be discussing the enhancing of cybersecurity measures, saying however that he believes each hospital already has adequate measures to safeguard patient information.

 

nnt.jpg
  • Sad 1
Link to comment
Share on other sites

 

 

7 hours ago, snoop1130 said:

Dr Thongchai said the ministry believes the hackers involved in the case are the same group as those behind the ransomware attack at Saraburi Hospital last year.

I imagine as they failed to get them last time, pressing charges is all bluster and no action

  • Like 2
Link to comment
Share on other sites

From the OP -

"Deputy Prime Minister and Minister of Public Health Anutin Charnvirakul, said today the ministry will be discussing the enhancing of cybersecurity measures, saying however that he believes each hospital already has adequate measures to safeguard patient information."

 

555

  • Like 1
  • Haha 1
Link to comment
Share on other sites

12 hours ago, snoop1130 said:

The Ministry of Public Health (MOPH) today announced it is pressing charges against the hacker who has obtained and sold personal data from a hospital database in Thailand

Yet they say no sensitive material was released, the post contains a lot of conflicting statements??

 

  • Like 1
Link to comment
Share on other sites

1 hour ago, canthai55 said:

From the OP -

"Deputy Prime Minister and Minister of Public Health Anutin Charnvirakul, said today the ministry will be discussing the enhancing of cybersecurity measures, saying however that he believes each hospital already has adequate measures to safeguard patient information."

 

555

My initial thought was 'obviously not' 555

Link to comment
Share on other sites

Maybe they should start to consider having professional IT-companies make and secure their systems.


Put focus on actually getting a proper system and less attention to kick-backs and hiring incompetent friends for the job.

 

Ohh what am I thinking… will of course never happen.

  • Like 1
Link to comment
Share on other sites

5 hours ago, Swiss1960 said:

They should press charges against the incompetent (self-deleted expressions) who were responsible for designing, developing, testing and approving the Go-Live of that database/application. 

I'm pretty sure you can't prosecute 14 year old children working on things as a school project ????

Link to comment
Share on other sites

1 hour ago, canthai55 said:

From the OP -

"Deputy Prime Minister and Minister of Public Health Anutin Charnvirakul, said today the ministry will be discussing the enhancing of cybersecurity measures, saying however that he believes each hospital already has adequate measures to safeguard patient information."

 

555

Yep, seems that way, doesn't it? 

Link to comment
Share on other sites

They need people with a background in security to make these apps.

 

Professionals.

 

Doing things always on the cheap will ultimately cost you more in the long run.

 

Stop getting some generals kids to make these important apps.

  • Like 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.