One of the trickiest parts about IT security is recognizing when a breach has occurred so the damage can be mitigated. And that’s especially the case when organizations ignore clear warnings about vulnerabilities.
That’s what happened recently when a healthcare provider ignored repeated warnings from an IT security agency that some of its sensitive information — including patient records — may have been accessible to anyone through the Internet.
Allegedly, the Open Security Foundation (OSF) sent the warnings to an unidentified hospital after learning the organization had been the victim of a hack carried out through a SQL injection and some of its data was published on a hackers’ website. However, when a representative called the hospital, the call was directed to an IT service provider that ran the organization’s service desk.
The service provider never did anything about the issue, according to the OSF representative. And even after the representative called the hospital and explained the severity of the attack, the sensitive information remained vulnerable.
Stay open to IT security warnings from outside
It’s difficult to imagine why a hospital would be that unresponsive to a warning call about a breach — especially when organizations need all the help they can get to discover and mitigate data breaches.
Many companies lose a lot of money because hackers continue to steal data after an incident occurs and before all the open security holes are shut.
According to the OSF, organizations should take steps to allow breaches or potential incidents to be reported by:
- Providing contact information for reporting IT security issues on the organization’s website
- Making sure the phone number and email used are active and checked regularly, and
- Having a policy requiring those issues to be acknowledged and addressed, and following up with the person or group that submitted the report.
In addition to being open to reports from outside individuals and taking warnings seriously, it’s important for organizations to do their own monitoring to look for suspicious network activity.
And when a breach is discovered, a thorough investigation must be conducted to make sure all the possible back doors opened by hackers have been closed.