Cyber incidents at radiology system, thorax center and two practices in Hamburg

Contents

A hacker has gained online access to a platform of the radiology system "I-MED Radiology". I-MED Radiology is Australia's leading provider in the field of medical imaging. Access was gained using credentials from a previous data leak.

No two-factor authentication

The hacker told the news portal Crikey that he found login details for three accounts in the dataset, two for clinics and one for the radiologist. The accounts in question had three- to five-letter passwords and were not protected by two-factor authentication (2FA), according to the report. In addition, the accounts may have been shared by several people.

The login credentials, which are said to have been available online to cybercriminals for over a year, allowed access to the I-MED radiology patient portal and thus to files containing full names, dates of birth, gender and, in some cases, MRI scans. For some accounts, access extended back to 2006. I-MED did not tell Crikey how much data may have been accessible. However, preliminary investigations have indicated that there was no unusually high level of access to patient files.

Accordingly, access to more than 1000 data records was probably possible. I-MED told Malware Bytes that it had since strengthened its systems. According to Malware Bytes, the company had also recently been criticized for allowing a start-up to use patient data to train artificial intelligence.

Cyber attack on Münnerstadt Thorax Center

There are also vulnerable IT systems in Germany. The Thorax Center Münnerstadt, for example, is currently affected, and its operations are currently only possible to a limited extent. As a result, the Thorax Center can currently only be reached by telephone and e-mail communication is not working. However, patient care is guaranteed. "We have been affected by a criminal cyberattack," says the center's homepage. Work is currently being done "at full speed" to restore operations. The investigation is ongoing.

Physical data carrier stolen from practice

In another case in Hamburg, data carriers with a total of more than 100,000 patient data records were stolen from the servers of two medical practices – first in Wilhelmsburg and then in the city center –, the police confirmed to the Hamburger Morgenpost. Investigations are reportedly also underway there. It is also said that both practices belong to one company. The damage is said to amount to millions of euros. The perpetrator did not steal any other valuable items. According to the report, the police do not believe it was an attempt at blackmail. The motive is still unclear.

(mack)