Internet Security Insider Melih Abdulhayoglu discusses a recent incident at the Akron Children’s hospital. The incident suggests that protected healthcare information, among the most regulated and protected information out there is not always as protected as you might think. In this case, a man who’s real goal was to spy on his girlfriend, a hospital employee, ended up obtaining lots of confidential patient information – that he had no interest in.
While it’s true that he sent her an email in the hopes of setting up spyware, he didn’t realize she would open up her Yahoo mail on her work PC, and infect her work computer.
Ironically, this guy got caught and was indicted on federal cyber crime charges relating to the hospital information breach, while most cyber crimiinals, intent on stealing such information, are never caught or prosecuted.
Moral of the story – people and businesses need much better protection from malware – a threat this simple never should have produced these results.