Hospital hackers could steal your identity

Font Size:

According to the Australian Digital Health Agency (ADHA), the controversial My Health Record system now holds 31 million clinical documents and in excess of 1.3 billion Medicare documents.

When the system was launched, there were concerns about the security of the data, but many who chose to participate in My Health Record may not have been aware of the information that is being targeted by hackers.

According to data from the Office of the Australian Information Commissioner, private health providers have been consistently at the top of the Notifiable Data breaches quarterly reports, meaning hackers are very interested in accessing health records.

Also some Victorian hospitals went into lockdown and surgeries were cancelled after a cyber attack earlier this week.

Now new research has uncovered the specific data that can be leaked through health record breaches and what can be done with it.

Michigan State University and Johns Hopkins University are the first to uncover the specific data leaked through hospital breaches.

“The major story we heard from victims was how compromised, sensitive information caused financial or reputation loss,” said John Jiang, the lead author of the study.

According to the research, a criminal might be able to apply for a credit card using the information obtained through a breach of health records.

Until now, researchers have not been able to classify the kind or amount of public health information leaked through breaches, thereby never getting an accurate picture of breadth or consequences.

To uncover what specific information was exposed, the researchers classified data into three categories:

  • demographic, such as names, email addresses and other personal identifiers;
  • service or financial information, which included service date, billing amount, payment information;
  • medical information, such as diagnoses or treatment.

“Within medical information, we classified information related to substance abuse, HIV, sexually transmitted diseases, mental health and cancer as sensitive medical information because of their substantial implications for privacy,” Dr Jiang said.

Over 70 per cent of the breaches compromised sensitive demographic or financial data that could lead to identity theft or financial fraud.

“Without understanding what the enemy wants, we cannot win the battle,” said report co-author Ge Bai said.

“By knowing the specific information hackers are after, we can ramp up efforts to protect patient information.”

Dr Jiang said hospitals and other healthcare providers could effectively reduce data breach risks by focusing on securing information if they have limited resources. For example, implementing separate systems to store and communicate sensitive demographic and financial information.

Are you a part of the My Health Record system? Are you worried that your personal health information could be stolen or hacked?

If you enjoy our content, don’t keep it to yourself. Share our free eNews with your friends and encourage them to sign up.

Join YourLifeChoices today
and get this free eBook!

By joining YourLifeChoices you consent that you have read and agree to our Terms & Conditions and Privacy Policy


Cheaper medicines for 500,000 Australians

New PBS listings set to save some patients more than $100,000.

What are the criteria to be eligible for sickness allowance?

Geoff wants to know if he is eligible to apply for sickness allowance.

Climate change and ageing population creating ‘a perfect storm’

Climate change and ageing populations are interacting to create 'a perfect storm'.

Written by Ben


Total Comments: 16
  1. 0

    I’m more concerned about government misuse of personal information given in good faith….. the old maxim that he who controls information controls society runs true, and governments thus far have a history of selling personal information for profit, as if it is something they own.

    Such an approach is disgusting.

    The Ministry Of Truth In Personal Privacy will ensure that nobody invades your privacy but the Ministry and will carefully filter those who are given access to your privacy. All Hail Big Brother!

    • 0

      It’s a conspiracy, everyone loses, I blame Tony Abbott. Then along came Sco mo hmmm :))

    • 0

      Polly this was a Labor initiative which just happened to be introduced during the Liberal governments term in office.

      Its an incredible breach of privacy not just from serious hacking breaches – its open to 900 000 medical employees.

    • 0

      Yes, Ros – Labor and LNP are equally guilty of the hubris of desiring total control over our society and its people so as to fit them to their ways exclusively – they should both take heed of activities in Hong Kong….

      I applaud the Hong Kongese for their courage in standing up to be counted….. and demanding guarantees of basic rights…. this could lead to Downfall for the current Chinese ‘government’ of Neo-Mandarins…… really a group of industrial warlords working for a common end – their enrichment.

      So – when do we march on Canberra?

  2. 0

    Jeez – let’s split this joint, Igor -pretty dead audience…

  3. 0

    Amen Trebor! “Who guards the guards”
    Then The Ministry Of Truth In Personal Privacy decide that there’s an epidemic! So big that they alone cant handle the data. So they contract it out…..
    OR, “Someone” in the “we’re so honest” Government reckon to save money (read: give their mates a job, for example the current debacle around Dutton’s plan to privatise the Australian Visa System), they should privatise The Ministry Of Truth In Personal Privacy.
    And to make money, The New Ministry Of Truth In Personal Privacy sell off YOUR data. Mainly to insurance companies and the like so they can tailor your cover (aka charge you more if you have a family history of sickness).
    And of course the newly privatised The Ministry Of Truth In Personal Privacy get taken over by a “large multi-national investment company” based in the Cayman Islands. (Healthscope? NSW Electricity?)

  4. 0

    More privacy breaches have occurred through Facebook than through the My Health Record data. Should we all close our Facebook pages? Of course, then there’s the issue of Zuckerberg actually selling so called depersonalised data blocks to his advertisers so that they can better target Facebook users with ads. Once recorded anywhere, we lose control of our personal data. Welcome to the digital age!

    • 0

      Which is why I do not have any social media accounts or a My Health Record.

    • 0

      Yeeee-ussssh – but I would consider the kind of info put out on Farcebook less important than information given in good faith to a government department….

      Choosing to throw your personal life onto Faecesbook is your own choice – you have no choices about your health information, other than to allegedly say it is not to be included in My Health Record.

      I have already indicated to you that one time when I was admitted to a hospital with chest pains, the Indian lady doctor – obviously not ‘in the know’ – even asked if I had once lived in a certain street when I was a child – even though that street name and even my own name have changed since……. (my own name for reasons you may not access)…..

      Health records go back for your whole life………… your whole life …… your whole life …… ‘concern’ about My Health Record is a smokescreen………. be advised…

      **ahem* yes, I have had previous connections with our top security agency and the AFP…… but no – you cannot find that anywhere – and nor can I….. I speak plainly because of an act of betrayal by my own government over this and similar issues………..

    • 0

      KSS are you aware how many cookies are attached to the YLC site. – Only honest people don’t know our real name and email address.

  5. 0

    Technology is supposed to be so fucking good, why can’t they trace the hack. that would be unAustralian in this crim loving country.

    • 0

      It’s takes dedication and money – and no government is willing to take the chance on employing people of sufficient skills, since to do so is itself a security concern – who knows what people who you do not understand will do without your knowing?

      Catch – 22.

      Again – it would come down to a question of who guards the guard who guards the guard, while that guard protects you?

      Sadly – a reversion to paper files might be the only solution……

  6. 0

    Technology is supposed to be so fucking good, why can’t they trace the hack. that would be unAustralian in this crim loving country.

  7. 0

    No. Far too risky.

    Not only that the NSW government were recently running a competition to get civic minded citizens to sign up to their website. The only catch – you need to give them your medicare number – online! To whom??? – some foreign outsourced software company?

    The government, banks and educational institutions have become very laissez faire with our data.

  8. 0

    Until the governments of the world and private companies like google and Intel are forced to make secure computers and allow decent encryption for the likes of us this mess will continue
    Companies, governments and their agencies do not want secure computers with no backdoors.
    It is all too late and we all have to assume all the time our digital footprint ID and medical records etc are not secure and are open to all governments and also to the highest bidder in the private industry and or black market hackers for profits.
    Note: There are no secure computers/phones anywhere in the world !
    In cyber land you are all standing fully undressed for all those who want to look at your digital nipples, bum, pimples and wrinkles.
    There are no digital towels in cyber space to hide behind!!

    • 0

      Did you see the ABC program on ANU being hacked and how it was done?

      Astoundingly simple these days to get that first lever, and then prise open the doors…..

      N.B. What you say about real cyber security AND what I’ve stated above are why I have no fear of speaking out … I’ll take that risk, and the security services know full well who I am – but they may be slowly turning to my way of thinking…. finally. The real security of this nation depends not on some hardline adherence to an ideological offshoot (such as the belief that the preservation of the realm means adopting a very right-wing approach to security) …… it depends on TRUTH… and preserving the basic rights of your people is one cornerstone of national security.



continue reading


How to … fall back asleep

Waking up at night and struggling to get back to sleep can be stressful and exhausting. According to WebMB, around...


Curing the incurable: Why some patients make astounding recoveries

As a GP and someone who works in the holistic health field, Dr Jerry Thompson has long been interested in...


The 'ism' that's rife and no, it's not okay

Ageism, like all 'isms', creates a social hierarchy and disadvantages people based on an aspect of their diversity. Compared to...


When conversations become a competition

Australia has a well-deserved reputation for being a very competitive nation on the world stage. Perhaps it dates back to...


Wakey wakey - a history of alarm clocks

Matthew S. Champion, Australian Catholic University Australians are returning to our normal rhythms. The first beats of the day are...


The top-selling-souvenir from every country in the world

Do you buy souvenirs to remember your overseas holidays? If so, we imagine you have been looking at these very...


ACCC to keep a keen eye on travel issues this year

Australia's consumer watchdog expects to have its hands busy dealing with COVID-affected travel complaints this year. In his annual address...


Cruisers turn to superyachts to satisfy their cruise cravings

Typically, Australia is one of, if not, the biggest cruise market in the world. It wasn't so long ago that...