Major Data Breach Integris Health

This site may earn a commission from merchant affiliate links, including eBay, Amazon, and others.

HillsideDesolate

Sharpshooter
Special Hen
Joined
Nov 5, 2022
Messages
5,583
Reaction score
14,451
Location
Edmond
More likely just a inattentive employee who opens up a suspicious email and clicks a link to spyware/malware.

Or some end-of-life server OS that was never upgraded/replaced so it was vulnerable to security attacks.
I can honestly see it just being Integris milking patients for $50.
 

BobbyV

Are you serious?
Supporting Member
Special Hen Supporter
Joined
Dec 31, 2013
Messages
5,924
Reaction score
8,654
Location
Logan County
80 percent of it I'd say is outdated equipment on the edge of their networks meaning their firewalls, lately there has been such a flood of zero day attacks that it's hard to believe the manufacturers aren't doing this intentionally. An insider attack in the IT field wouldn't be as likely because of how much the IT community talks. You would be black balled quick after one suspected incident.
Yep. It's crazy how much facilities use networked medical equipment that they don't replace because of all of the FDA certifications and limitations on what they can use. I was in IT security for almost 10 years and most of the folks I worked for had no clue what I did or why I wouldn't give approval for anything and everything they wanted to add to the network.
 

SoonerP226

Sharpshooter
Special Hen
Joined
Jan 1, 2013
Messages
14,771
Reaction score
16,697
Location
Norman
The problem is not so much the workstations that are offline only devices that cause the issue, its usually the ones sitting behind a desk with access to both the internet and the servers with sensitive data on them that cause the breaches.
That’s a very poor network design. Systems that can’t be updated should be isolated from everything else by the network architecture, especially from systems that have Internet access.
 

Russ IT Guy

Sharpshooter
Special Hen
Joined
Jun 4, 2023
Messages
191
Reaction score
287
What about almost every time you call CS it connects you to some place in BFE, India telling the person that barely speaks English all of your personal and account information? I'm sure it's not that since a lot of my spam emails are from a rich Indian prince relative that left me money.
Who would've ever thought there were so many Indian royalties that Americans derived from lmao
 

Russ IT Guy

Sharpshooter
Special Hen
Joined
Jun 4, 2023
Messages
191
Reaction score
287
Yep. It's crazy how much facilities use networked medical equipment that they don't replace because of all of the FDA certifications and limitations on what they can use. I was in IT security for almost 10 years and most of the folks I worked for had no clue what I did or why I wouldn't give approval for anything and everything they wanted to add to the network.
It's quite scary and infuriating honestly, I'm about 20yrs and rolling in the IT field but the company I work for supports about 160 companies across different industries. Doesn't seem to matter what industry it is, they will not upgrade their security until they get hit. It's like leaving your business unsecured because you think you're too small for a criminal to notice or don't think they would have the balls to do it, completely insane.
 

Russ IT Guy

Sharpshooter
Special Hen
Joined
Jun 4, 2023
Messages
191
Reaction score
287
That’s a very poor network design. Systems that can’t be updated should be isolated from everything else by the network architecture, especially from systems that have Internet access.
Myself being a security focused engineer I always push clients to a zero trust methodology, problem is that most do not want it or think it's just a sales pitch to get more money out of them
 

Latest posts

Top Bottom