‘Significant’ security holes in Medicare/Medicaid data
Norman Leahy reports:
Medicare and Medicaid have “significant” vulnerabilities in their wireless networks that jeopardize the personal information of millions of citizens, according to a report issued Wednesday.
If exploited, the security holes at certain Centers for Medicare and Medicaid Services data operations could result in “unauthorized access” to personally identifiable information and a possible “disruption of critical operations,” said a Department of Health and Human Services inspector general report.[…] The HHS inspector general office conducted a simulated “wireless penetration test” of 13 CMS “data centers and employee and contractor facilities” between Aug. 31, 2015 and Dec. 4, 2015. It used “tools and techniques commonly used by attackers to gain unauthorized access to wireless networks and sensitive data.”
The report said that, while CMS “had security controls that were effective in preventing certain types of wireless cyber attacks,” the tests identified “four vulnerabilities in security controls over wireless networks.”
Read more on AMI Newswire.
Related: WIRELESS PENETRATION TEST OF THE CENTERS FOR MEDICARE & MEDICAID SERVICES’ DATA CENTERS (August 2016, A-18-15-30400)