Identity Management Lessons from the UC San Diego Health Attack

We share cybersecurity-expert delivered identity management lessons from the UC San Diego Health Attack. 

As we discussed in a previous article, the UC San Diego Health Attack has stirred a profound conversation among cybersecurity experts on its impact and aftermath. 

Part of that conversation involves identity management experts and their advice. Here are the key lessons we took away.  

Identity Management Lessons from the UC San Diego Health Attack

Robert Prigge

Robert Prigge is CEO of Jumio. 

“UC San Diego Health’s data breach was a result of unauthorized access through employee accounts after a phishing attack, highlighting how healthcare organizations have yet to implement proper security that can protect employee and patient identities. It’s highly likely that personally identifiable information was accessed or obtained in this breach, placing victims at risk of fraud or identity theft. Fraudsters can leverage the medical records, lab results, Social Security numbers, and government identification numbers to impersonate legitimate patients and commit insurance fraud, seek covered medical care, and refill unauthorized prescriptions. It’s also possible the exposed information is already circulating on the dark web – where it can command a high value since there’s more personal information in health records than any other electronic database. As the healthcare sector shifts toward telemedicine and remains a lucrative target for cyber-criminals, it’s critical that institutions trust their patient is who they claim to be. Leveraging biometric authentication (using a person’s unique human traits to verify identity) confirms patient identity, which allows healthcare organizations to approve or deny online accounts, appointment requests and attempted purchases while safeguarding employee email accounts against phishing attempts.”

Alicia Townsend

Alicia Townsend is a Technology Evangelist at OneLogin.

“Yet again, another healthcare institution has become the victim of a phishing attack. Sadly, malicious actors are constantly trying to take advantage of employees in the healthcare industry in order to access such a rich source of patient personal information. The full extent of this particular breach has not yet been fully discovered, though first reports suggest that the bad actors were only able to access the email account of a few employees. While they did not seem to get full access to entire data stores of patient information, they did get access to personal information for a number of patients, everything from basic contact information to social security numbers to medical history.

UC San Diego Health has stated that they have taken steps to enhance their security processes and procedures. We can only hope that includes requiring additional authentication factors when their users log in to access all resources, including email. But even they admit that they need the “community to remain alert to threats”. We have stated it before and it needs to be stated again: healthcare institutions must implement security training for all of their users. Everyone needs to be educated on how to spot phishing attempts, how to keep their passwords secure, the importance of using additional authentication factors, and what to do in case they suspect an attack.”

Thanks to these identity management experts for their time and comments on the UC San Diego Health Attack. For more, check out the Identity Management Buyer’s Guide or the Solutions Suggestion Engine.