Pagers may leak protected health information: Report
New York, Nov 22 (IANS) Pagers may be things of the past but some health care providers still use the device and this may be leaking your protected health information to create possible attack scenarios, a study said on Tuesday.
Attackers use information from unencrypted pager messages to do reconnaissance, social engineering or some form of targeted attack or sabotage, reported Trend Micro Incorporated, a global leader in security software and solutions.
Since private information sent over the air through paging technologies have no encryption and authentication, possibility of an obvious attack to take advantage of the information remains there.
The research revealed that the lack of encryption on private information has been overlooked for a long time.
Details like email, phone numbers, date of birth, syndromes and diagnosis may be breached and cybercriminals may be able to track specific cases based on medical record numbers in the sent pages.
“This allows them to follow a patient’s transaction with the hospital: from the time a patient’s case is transferred from an outside facility, all the steps taken to assess, diagnose and treat the patient, up until the patient is discharged,” the report added.
“We saw this problem across the globe, including Asia, Europe, and North America, which means it’s not an isolated occurrence that we, by chance, witnessed in one country or a singular organization,” the report said.