A flaw in Telstra Health’s Argus software used by more than 40,000 health specialists has potentially exposed your medical information to hackers, according to a Fairfax Media report.
The software is used by GPs, specialists, hospitals, primary health networks and allied health providers Australia-wide to store private medical records.
“The problem is that their [Telstra’s] software created another user account on the computers they were installed on. This account had a static password rather than creating a random password per install. Then this account was used by the external party to logon remotely onto the server via the built-in, Microsoft remote desktop protocol,” the medical industry source told Fairfax Media.
At this stage, there is no evidence that the hackers that breached health specialists’ computers and servers accessed, changed or downloaded records from the software. Instead, it appears the hackers used the computers to conduct illegal online activities.
Telstra is not denying the vulnerability and appears to be taking the breach very seriously. In a statement to Fairfax Media, it said: “We will not comment on the specifics of the incident other than to say that a very small group of customers with unsecured, remote desktop configurations with open internet access were impacted.”
Are you concerned about the privacy of your health records? Should additional security encryption be required to access records as a mandatory government initiative?