Virginia Prescription Monitoring Database Hacked
So I think it works this way- The state government collects personally identifiable information on everyone who goes to a doctor to get a prescription drug, thus violating any doctor-patient confidentiality- in order to monitor for drug abuse. And then the government refuses to properly secure the database that holds all of this confidential information? A hacker has broken into the prescription monitoring program’s database via the web and has stolen the 8.5 million records there. If the state doesn’t cough up 10 Million bucks, the hacker will expose the data.
You are Pwn3d! Pay me 10 Meeeeellion Dullars!
From NBCWashington here via Drudge:
The FBI is on the trail of hackers who claim to have accessed the personal information of millions of Virginians. They’re holding the information hostage, and are threatening to dispurse the sensitive data on the Internet if they don’t receive a $10 million ransom.
The hacker or hackers posted the ransom note on “Wikileaks,” a Web site that allows for anonymous tips about leaks of government information. The note claims that the personal information came from a raid on a state agency’s computer database, and that the hackers are now in possession of 8 million patients’ records, as well as 35 million prescription records. Those records may include Social Security numbers.
Investigators have reason to believe the threats from hackers may be credible; The Virginia Department of Health Professions has confirmed that there was an incident last Thursday where a hacker may have breached system servers.
The Virginia Department of Health Professions has the responsibility of licensing 300,000 healthcare professionals. The agency’s database includes prescription information, as part of a drug monitoring program to help prevent people from abusing prescription drugs.
The agency’s computers are still down, as investigators slowly go through every computer file, looking for a breach.
If the state can’t take the time to properly secure a patient database, then they have no business whatsoever being in the patient monitoring business. What are the risks of a few citizens abusing prescription drugs? Negligible compared to the risk of exposing personal data of 8.5 million people. Dumbasses.
