Software stuff-up exposes your medical records to hackers

A medical software flaw has potentially exposed your medical information to hackers.

A flaw in Telstra Health's Argus software used by more than 40,000 health specialists has potentially exposed your medical information to hackers, according to a Fairfax Media report.

The software is used by GPs, specialists, hospitals, primary health networks and allied health providers Australia-wide to store private medical records.

“The problem is that their [Telstra's] software created another user account on the computers they were installed on. This account had a static password rather than creating a random password per install. Then this account was used by the external party to log on remotely to the server via the built-in Microsoft remote desktop protocol,” the medical industry source told Fairfax Media.

At this stage, there is no evidence that the hackers that breached health specialists’ computers and servers accessed, changed or downloaded records from the software. Instead, it appears the hackers used the computers to conduct illegal online activities.

Telstra is not denying the vulnerability and appears to be taking the breach very seriously. In a statement to Fairfax Media, it said: “We will not comment on the specifics of the incident other than to say that a very small group of customers with unsecured, remote desktop configurations with open internet access were impacted.”

Are you concerned about the privacy of your health records? Should additional security encryption be required to access records as a mandatory government initiative?

    COMMENTS

    cookie47
    23rd Mar 2018
    12:13pm
    If hackers want to know about my Hemorrhoids good luck to them.
    buby
    25th Mar 2018
    2:25pm
    lol bloody hackers are a pain in the ass
    Hasbeen
    23rd Mar 2018
    12:16pm
    If some clown really wants to know which of my knees is the worst, they are welcome to spend their time reading boring medical records.

    If they want to use information so gleaned to try to sell me some traveling medicine man type bottle of goop, they are also welcome to waste their time & money.

    I'm afraid this news is not sufficiently devastating for me to get my knickers in a knot over it.
    Rosret
    23rd Mar 2018
    12:31pm
    It's more significant than that. Some people don't want their medical details broadcast to the world or shared on linked databases. I would imagine the Medicare card details also went with the info, birth dates, address.
    How many points do you need for identity theft?
    Aussie
    23rd Mar 2018
    1:19pm
    Rosret,
    Spot on .... yes very true .... after they have your basic details the rest is very easy to get like bank accounts and passwords because they do have your details to be able to ID themselves as you.

    So if you think that reading about your Hemorrhoids is ok and boring ....well think a bit deeper and you will find that it is not that boring, in fact it is very exciting to know about your Hemorrhoids and the rest of your info ....

    For your info there are computer programs written in an old low-level language (Assembler) capable of reading binary code and then translating it so your passwords are revealed, or at worst the key sequences saved in the keyboard buffer history, and that can be read easily ..... so just think that reading about your Hemorrhoids can be a lot of fun for some people he he he he
    buby
    25th Mar 2018
    2:27pm
    Yes Rosret this may be the only other problem. Not just the bad knees et cetera lol
    GeorgeM
    23rd Mar 2018
    12:47pm
    Rosret, you highlight the real concern - that "..medicare card details also went with the info, birth dates, address. How many points do you need for identity theft."

    The statement that Telstra "...appears to be taking the breach very seriously" is not good enough. Telstra, and all big companies & Govts, need to take a very hard-nosed approach to data security - including NOT Outsourcing the responsibility for such work & failures, and employing the best security practices - NO compromises with security of people's data held by them.
    Aussie
    23rd Mar 2018
    1:21pm
    Sorry George ...all Telstra software may already be outsourced to India or Philippines or some other Asian country where labour is cheap ......

    Sorry mate too late we are F .....
    Anonymous
    23rd Mar 2018
    3:23pm
    @Aussie,

    That's what happens when greed means we outsource things to incompetent nincompoops from Third-World countries. They're Third-World for a reason...
    GeorgeM
    23rd Mar 2018
    3:49pm
    I agree, that's why I brought this up - Outsourcing needs to be part of the discussions and news items should focus on this which they don't as their own businesses are doing the same thing. Media / Ombudsman should ask WHO DID THIS software implementation, and ask for heads to roll and Fines to be paid.
    buby
    25th Mar 2018
    2:30pm
    *Groans* @Aussie, that's exciting to know "NOT". Now I remember why I stopped coming here. Damn sick of those pop-ups to the left and right of the computer after every time you answer somebody. Get a grip, Life Choices: if I wanted to read about it I would. But I don't. SO STOP IT
    HDRider
    23rd Mar 2018
    1:25pm
    This is to be expected of Telstra and their software etc. Who really cares anyway? Vladimir had your life in a micro chip somewhere.
    The people who work in the industry are some of the biggest gossips around.
    Now, I'll just deal with this email from Nigeria or India re my Netflix account being suspended and update my credit card details.

    23rd Mar 2018
    3:19pm
    If Telstra is involved, it's bound to be a screw-up. The telcos collectively need a Royal Commission that kicks their backsides to the tune of billions of dollars.
    buby
    25th Mar 2018
    2:35pm
    YOU damn right there KNOWS a lot!
    Somebody with a fricken big hammer, who will bring it down where it is needed. I'm sure Telstra and some of the Foxtel mob and probably the Netflix mob, many of them are trying to nag the elderly into taking them on, then upping the price. Like, I know one lady who took on Foxtel, and they upped her charges. And Telstra, the bigger rip-off is they are selling their mobiles in the Post Office and the damn phone's not even a couple of months old, and it won't charge! But the poor elderly lady still has to pay her monthly charges for it, and she can't use the phone. Really, what sort of a rip-off is that???
    buby
    25th Mar 2018
    2:24pm
    Why is it that I can't post?
    Blossom
    8th Apr 2018
    12:41pm
    That's why I am not on e-health records. That's probably more likely to be hacked as other medical professionals can access it so easily.....another site for hackers to poach information from