The Weekend Leader - Hackers mining third-party apps to steal your health data

Hackers mining third-party apps to steal your health data

San Francisco

19-October-2021

PHOTO: IANS

Hospitals and health care systems have become a major target for hackers during the Covid-19 pandemic and a new report has claimed that third-party apps that pull patient data from electronic health record (EHR) systems are vulnerable to hacking.

VIT MBA Banner 2024 Dec Chennai
The researchers at app security company Approov were able to access over 4 million patient and clinician records from over 25,000 providers through third-party apps that link up with hospital health records to pull out data.

"Cybersecurity analyst Alissa Knight got access to more than 4 million patient and clinician records by exploiting vulnerabilities in data aggregators' application programming interfaces, along with associated apps that track medications and share patient records," reports STAT News.

The records included demographics, lab results, medications, procedures, allergies, and more.


"Collectively, the tested tools can read and write data to the major EHR systems," the report said on Monday.

Knight checked for vulnerabilities in apps built using the Fast Healthcare Interoperability Resources (FHIR) standard.

"She didn't need to use advanced cybersecurity hacking. She just used basic stuff that your freshman year of cybersecurity would have stressed," said John Moehrke, member of the FHIR management group.
Watch This TWL Video


The electronic health records housed at hospitals and health centres are well protected.

"But as soon as a patient gives permission for their data to leave the health record and head toward a third-party app - like programmes that track people's medications, for example - it's easy for hackers to access," The Verge reported.

The hacking attempts on the healthcare industry began to rise last year during the pandemic.


In 2020, 1 million people were affected almost every month by data breaches at healthcare organisations, according to health and human services (HHS) data.

Nation-state-backed hackers are also trying to infiltrate healthcare systems and steal vaccine-related research and other information, according to warnings from intelligence agencies in the US, Europe and Canada.

Four years ago, the UK's National Health Service (NHS) suddenly found itself one of the most high-profile victims of a global WannaCry ransomware attack - IANS



Milky Mist Cheese
Adayar Bakery
Air Cooler
Legendary Filmmaker Shyam Benegal Passes Away at 90 in Mumbai
Legendary Filmmaker Shyam Benegal Passes Away at 90 in Mumbai
Sustainable Investment Platform SustVest Raises $1.7M to Drive Solar Growth
Sustainable Investment Platform SustVest Raises $1.7M to Drive Solar Growth
Three Delhi Residents Shot Dead Outside Resort in Panchkula’s Morni Hills
Three Delhi Residents Shot Dead Outside Resort in Panchkula’s Morni Hills
Fire Breaks Out In High-Rise Building In Hyderabad’s IT Hub
Fire Breaks Out In High-Rise Building In Hyderabad’s IT Hub
Narendra Modi Becomes First Indian PM to Visit Kuwait in Four Decades
Narendra Modi Becomes First Indian PM to Visit Kuwait in Four Decades