This week, a division of the National Health Service Scotland was struck by a cyberattack, potentially disrupting services and exposing patient and employee data.
A researcher disclosed a Salesforce configuration error that exposed millions of Irish citizens' COVID vaccination data from that country's Health Service Executive.
The two incidents, separated by a quick hop over the Irish Sea, speak to the ongoing challenges healthcare organizations face in protecting patients' most sensitive personal identifiable information and personal health information.
Salesforce Bug in Ireland's COVID Vaccination Portal During the onset of COVID's Omicron variant in December 2021, Aaron Costello, principal SaaS security engineer at AppOmni, discovered a severe misconfiguration in the Salesforce-based online vaccination portal for Ireland's HSE. In a blog post published on March 14, he explained how an oversight allowed regular, low-level accounts belonging to HSE patients unprecedented access to the part of the system responsible for storing information about vaccine administration.
The exposed object in question included full names of patients and all information relating to their jabs: the brand of vaccine, date, location, and site at which it was administered, and any reasons they accepted or refused it.
Documents belonging to staff members, and information related to internal IT issues and processes, were also exposed.
In the time since, Salesforce has gradually implemented a number of positive changes for preventing this kind of error and mitigating the consequences that might occur from it.
A built-in health scanner attempts to uncover such vulnerabilities in customers' environments, and more robust logging allows administrators to better analyze the activity of users, especially when they're interacting with potentially sensitive APIs.
New policies and configurations attempt to conceal sensitive information, even in cases where they're exposed by misconfigurations.
Dumfries and Galloway is the southernmost council area of Scotland, with a population of approximately 150,000.
More specific details about the cause, nature, and consequences of the breach are yet to be publicized.
They're doing their best with the resources they have available to them.
This Cyber News was published on www.darkreading.com. Publication date: Fri, 15 Mar 2024 20:40:33 +0000