The Bangkok Post is reporting that almost 39 million health records were reportedly stolen from Bangkok Siriraj Hospital and are being offered on the dark web for sale. A poster on Raidforums.com that goes under the name of “WraithMax” offered to sell the data and supply a sample file via Telegram. The poster claims the data includes names, addresses, Thai IDs, phone numbers, gender details, dates of birth and other information. Excerpts:
“There was a large data leak concerning Siriraj’s patient records that has been offered for sale,” Dr Sutee Tuvirat, an information systems security professional, told the Bangkok Post.
The data is not only from Siriraj Hospital but also from nearby Siriraj Piyamaharajkarun Hospital, which has records of VIP patients, he said.
Most local hospitals still had no cybersecurity teams or chief information security officers who could monitor threats.
“Even some department stores which invested in cybersecurity have been hacked, but hospitals which keep a great deal of sensitive data still do not make investment in this area a priority,” Dr Sutee said.
About the Author
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
