BlueLeaks Exposed Some COVID-19 Patients’ IDs – Cybersecurity Experts Perspective

A South Dakota news site reveals that the June 2020 “BlueLeaks” massive data breach resulted in the exposed identities of the state’s citizens who tested positive for COVID-19: Massive data breach affects SD COVID-19 patients. In response, cybersecurity experts offer thoughts.

Experts Comments

August 24, 2020
Dan Piazza
Technical Product Manager
Stealthbits Technologies
Protecting personal information is more important than ever as attackers become more sophisticated and data privacy regulations are enacted. Given the current pandemic, an individual’s COVID-19 status is likely to be one of the hottest personal information topics. This data breach was originally due to failure to properly secure the affected websites, as attackers used methods that are decades old to break in. This was compounded in South Dakota when Texas-based web hosting company.....Read More
Protecting personal information is more important than ever as attackers become more sophisticated and data privacy regulations are enacted. Given the current pandemic, an individual’s COVID-19 status is likely to be one of the hottest personal information topics. This data breach was originally due to failure to properly secure the affected websites, as attackers used methods that are decades old to break in. This was compounded in South Dakota when Texas-based web hosting company Netsentinel didn’t properly secure personal records, which gave attackers access to each individual’s COVID-19 status on top of other personal data. As we continue to see, overprovisioned access to sensitive information can have devastating results. When access to data in a network is properly provisioned with a least privilege model, then the risk of data being stolen is drastically reduced even in the event of a breach. Users should only have access to the minimum amount of data required to perform their functions as an employee, otherwise even a single compromised user can give an attacker the keys to your data kingdom.  Read Less
August 24, 2020
Chloé Messdaghi
VP of Strategy
Point3 Security
We don’t know how the attacker or group of attackers got into the data or what vulnerability was exploited, but it appears that resources and information that were easy to find online and that could've been tagged by anti virus software as malicious were used, so at least some of the websites were possibly out of date. This serves as yet another reminder that local and state websites – even if maintained by third parties – are often out of date and their software isn’t patched on time......Read More
We don’t know how the attacker or group of attackers got into the data or what vulnerability was exploited, but it appears that resources and information that were easy to find online and that could've been tagged by anti virus software as malicious were used, so at least some of the websites were possibly out of date. This serves as yet another reminder that local and state websites – even if maintained by third parties – are often out of date and their software isn’t patched on time. Out of date software puts both data and people at risk. Never use the oldest versions of anything, whether it's Windows Operating Systems or website infrastructure, because the majority of times that a technology vendor releases an update, it has patches to vulnerabilities intended to protect us and our sensitive data. When a full name, personal address, and birthdate are out there, it creates a risk to identity theft. Patient status data is particularly sensitive. Some of those afflicted with COVID-19 have reported that when they tell others of their status, friends, neighbors and family don’t know how to react. There are good reasons why public health records are sealed shut and even family members can’t access them without permission. In these times of heightened tensions due to the pandemic, the last thing we want is for anyone to shun vulnerable members of the community. Also, there’s plenty of blame to go around – the problem doesn’t sit solely with the third party vendor. It’s up to every organization to regularly get assurances from their vendors about the security and currency of their technologies. It’s a reminder to those who patch & update software – which can be among the more mundane of IT tasks -- are everyday heroes doing necessary and important work.  Read Less
August 24, 2020
Saryu Nayyar
CEO
Gurucul
Security breaches are the "Gift that keeps on giving" in the worst possible way. It should come as no surprise that there have been ongoing repercussions from the BlueLeaks breach in June. The revelation of some people's COVID-19 status in the database has only come to light now, but shows the depth of data revealed and the potential consequences that may not have been realized at the start. The only bright spot to this revelation is the revealed information is largely time-sensitive, which.....Read More
Security breaches are the "Gift that keeps on giving" in the worst possible way. It should come as no surprise that there have been ongoing repercussions from the BlueLeaks breach in June. The revelation of some people's COVID-19 status in the database has only come to light now, but shows the depth of data revealed and the potential consequences that may not have been realized at the start. The only bright spot to this revelation is the revealed information is largely time-sensitive, which somewhat reduces the impact. Unfortunately, it doesn't eliminate it, or in any way excuse the breach.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Share on facebook
Share on twitter
Share on linkedin

Recent Posts

Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics

Twitter Facebook-f Linkedin Youtube

Working With Us

The Pages

Our Contributing Experts