Spanish King Suffers PHI Leak In Latest Data Breach

BACKGROUNDER:

It has been reported that the king of Spain has had his PHI exposed in the latest data breach. The royal was among thousands affected by the computer security failure of the Madrid health system. The breach meant people’s private data such as their telephone number, social security number and address could be accessed by just having their ID number, Telemadrid reported.

Subscribe
Notify of
guest

2 Expert Comments
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Trevor Morgan
Trevor Morgan , Product Manager
InfoSec Expert
July 9, 2021 1:44 pm

<p>A data breach can be a royal mess for any company or person caught up in having sensitive PII or PHI apprehended and exposed. The news that King Felipe VI of Spain has had his personal health data compromised turns that into a Royal incident. No matter what role or station in life we occupy, our most sensitive financial and health information needs to be kept private. The most common ways of preventing this from happening, such as traditional perimeter security and classic encryption, don’t necessarily account for the fact that sensitive data may ultimately fall into the wrong hands anyway. For this reason, data-centric approaches to security such as tokenization and format-preserving encryption safeguard the data itself, and they do so in a way that means organizations can work with data (for mission-critical activities such as data analytics and DevOps testing) without de-protecting it. Enterprises handling and processing sensitive data should explore data-centric security as another valuable and necessary tool in their cybersecurity toolbox, because the fallout from a data breach can cost a king’s ransom in fees, fines, and reputational damage.</p>

Last edited 1 year ago by Trevor Morgan
Martin Jartelius
Martin Jartelius , CSO
InfoSec Expert
July 9, 2021 1:44 pm

<p>Fortunately the GDPR is a modern law and blind to the fact if the victim may be a king or a peasant, but it is good the incident has been reported and resolved. Seeing the comments made as to what data in fact were exposed, clearly personally identifiable data but a minimal amount of health data, the fact who some of the victims are seems to be used to inflate the impact of the incident which is sad – this would be just as bad with or without kings and ministers, and its been swiftly resolved.</p>

Last edited 1 year ago by Martin Jartelius
Information Security Buzz
2
0
Would love your thoughts, please comment.x
()
x