What does the latest breach reveal about how we might prepare for the future?

Today in Health IT: what appears to be a well-handled breach. My name is Bill Russell. I'm a former CIO for a 16-hospital system and creator of This Week in Health IT, a set of channels dedicated to keeping health IT staff current and engaged. We want to thank our show sponsors who are investing in developing the next generation of health leaders: Gordian Dynamics, Quil Health, Tausight, Nuance, and Current Health. Check them out at thisweekhealth.com/today.

Today, I'm going to cover a story from yesterday on a breach that revealed 1.3 million records at Broward Health. Now, for the most part, we never really know the whole story about a breach. We only know what is revealed to us. So that is what we are going to talk about. This comes from Healthcare IT News. The title of the story is "Hackers breach info of 1.3 million in Florida health system incident." Now, it's easy to say this is the first incident of the year, but actually this happened in October. And most of the incidents that we're going to read about in the first quarter of this year are going to be incidents that happened towards the end of last year. Here's what happened.

So Florida-based Broward Health announced this weekend that a data incident in October had affected the personal information of more than 1.3 million patients and staff members. According to a notice posted on the health system's website, an intruder accessed its network through the office of a third-party medical service provider. And that's one of the areas that I am most concerned about. It is the business associates, the business associate agreements and the level of security that we have.
And, you know, oversight we have in those areas. And this is a quote from a security strategist from Exabeam: "No matter how robust your security stack is, your organization can still be vulnerable to intrusion stemming from compromised credentials, especially those that belong to third-party vendors and partners," noted Steve Moore, who's a chief security strategist at Exabeam. And he's absolutely right. And the thing that concerns me about the business associates is we do a fairly good job internally. You know, we've done multifactor authentication and password resets and those kinds of things that we need to do internally. And then sometimes we overlook the business associates in making sure that they hold true to the practices that are required.
And quite frankly, if we don't do that, we are leaving ourselves vulnerable, because if they have credentials to get into our system, they can access the data. So the details of the attack, including any suspected perpetrator identities, were not made public. However, Broward did say that the intruders had access to the system from October 15th to the 19th.

Upon discovery, said the health system, it promptly contained the incident, notified the FBI and the Department of Justice, required a password reset for all employees, and engaged an independent cybersecurity firm to conduct an investigation. Broward Health also engaged an experienced data review specialist to conduct an extensive analysis of the data to determine what was impacted, which determined some patients' and employees' personal information may have been impacted.
It continued. According to Broward, the DOJ requested it delay notifying the public of the incident so as to reduce the potential compromise of the investigation. The attackers removed personal medical information from Broward systems, including name, date of birth, address, phone number. All the things essentially you need to compromise somebody's identity. If I let the Social Security number, insurance information, the driver's license number, email address, so forth. "While Broward had no indication that the personal information has been used to commit fraud, we recommend that you consider steps to protect yourself from medical identity theft," said the health system.
Broward Health said it is taking steps to prevent similar incidents. I would hope so. "Giving network access to third parties only increases risks," said Moore. Again, this is the Exabeam security expert. "As a result, even the best organizations must manage this problem perfectly to avoid adverse outcomes, as well as to ensure that partners are up to the same security standards. And perfect is difficult."

"Perfect is difficult." Well, that's an interesting statement. Yeah. I'd just leave it to read, but interesting statement. Perfect is difficult. Perfect. Almost impossible. But I think that's going to get to my "so what" on this. Let's see, let's go on. Proper training, feedback loops, visibility and effective technical capabilities are the keys to managing the risks, compromised insiders and external adversaries.s from the end of the year in:
Boy, there's an insightful comment. Cyber criminals aren't going anywhere. And then they go on, on the record. "Organizations must take a data-centric approach to security in order to uplevel overall risk posture," said, dear gruesome, vice president of technical solutions at Laminar. "The biggest challenge facing data security teams today is that, as more and more organizations move towards the cloud, they've lost track of more sensitive data and where that data resides. You simply cannot protect what you don't know about," Russ said.

I'm not sure that's the biggest problem. Let me get to my "so what" on this. My "so what" on this is, I agree that a data-centric approach is really important. You know, if it truly was four days when we identified the breach, that's actually pretty good in our world. It's not good enough, but it is pretty good.
This is an area we have to bolster: intrusion detection and data exfiltration. A data-centric approach to cybersecurity and privacy is the best approach. Technology exists today that can be scanning the movement of data around your network and access patterns by certain credentials at all times, in real time.

Since this scanning is real time, we can identify anomalies quickly and act accordingly. This is only one aspect of a comprehensive plan, for sure. But I look forward to reading about incidents that, you know, we identified in under an hour and only lead to a hundred records being lost. And that's where we need to get to.

And, you know, quite frankly, those kinds of systems exist across the cloud as well. And so I don't think we just throw the cloud out there as, oh, it's not secure. The cloud is secure. Can be secured. If we keep, you know, keep tabs on where we are moving data, where our important data is, and put the right policies, procedures, and technologies around that data at all times. And we do have to wrap our data in real-time monitoring at all times.

That's all for today. If you know someone that might benefit from our channel, please forward them a note. They could subscribe on our website, thisweekhealth.com, or wherever you listen to podcasts: Apple, Google, Overcast, Spotify, Stitcher, you get the picture.
We want to thank our channel sponsors who are investing in our mission to develop the next generation of health leaders: Gordian Dynamics, Quil Health, Tausight, Nuance, and Current Health. Check them out at thisweekhealth.com/today. Thanks for listening. That's all for now.