Scandinavian gamers hack NH medical center to play Call of Duty; compromise records of 230,000

[security curmudgeon <jericho () attrition org>]

---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>

http://www.unionleader.com/article.aspx?articleId=6add3fd7-0f3f-4680-aa61-232503e7eaca&headline=Scandinavian+gamers+hack+NH+medical+center+to+play+Call+of+Duty%3b+compromise+records+of+230%2c000

By CLYNTON NAMUO
New Hampshire Union Leader Correspondent
Jan. 13 2011

ROCHESTER -- Some Scandinavian nerds went above and beyond to play their 
favorite video game last year when they hacked a server for Seacoast 
Radiology to get more bandwidth, a move that gave them access to the 
personal information of more than 230,000 patients.

The gamers preyed on the server to play "Call of Duty: Black Ops," a 
popular, first-person military-style game that can be played online, said 
Lisa MacKenzie, a spokesman for ID Experts, an outside security firm 
brought in to deal with the data breach.

"Based on the investigation, there's no belief that any personal 
information was compromised in any way," MacKenzie said. "They were not 
hacking in to get any medical billing codes or any personal information or 
anything like that."

The radiology practice discovered the hack on Nov. 12 after IT officials 
noticed bandwidth was being leeched and immediately shut off access to the 
server.

[...]
_______________________________________________
Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Learn encryption strategies that manage risk and shore up compliance.
Download Article 1 of CREDANT Technologies' The Essentials Series:
Endpoint Data Encryption That Actually Works
http://credant.com/campaigns/realtime2/gap-LP1/