Outsourced 3 party security vendors play a big role today and are almost imperative to have on networks today and this story relates to some pretty disturbing information found in cache on servers located outside the US. Data contained Citrix credentials, also known as a single sign on procedure used by medical personnel to access a network, hospital and otherwise. This was found relating back to a publicly owned health system in the US. In addition Outlook Web access accounts were found. With having the credentials, the information from the logs could have been up for access, and in the long run, it was a good thing the vendor was up and running to scan and locate before any damage was done. BD
Recently, security vendor Finjan discovered 500MB of interesting data while trolling for Malware and performing other research. What makes this data interesting is that it is medical related, not the normal credit or debit card information or social security number information. Finjan has found some wonderful caches of data and various criminal toys online in the past. This recent discovery is interesting, as it is one of the few times medical information was discovered live. The data included healthcare and business related data, as well as personal information (stolen Social Security Numbers) for patients. Like credit cards, this data is being sold to the highest bidder online. The data was discovered on servers located in Argentina and Malaysia.
Hat Tip: SecurityRatty