28 thoughts on “Monday’s Papers

  1. goldenbrown

    + still not so much as a sentence out of the HSE’s Chief Security Officer about losing your data?!? (oh yeah cos there isn’t one, imagine that, a company of 80,000+ networked employees with no CSO)

    + still not so much as a sentence out of the HSE’s Chief Information Officer about losing your data?!? (but there definitely is one, you can find him on LinkedIn if you’re curious, helloooo? are you out there??)

    + still nothing from the Minister for Defence about this attack on his citizens ?!?
    (it’s Coveney btw when he’s not busy with the ferrero rocher tray)

    just dulcet tones from Paul Reid in agreeable hand-wringing fireside chats with RTE, Newstalk and your national newspapers, where if you were listening this weekend all responsibility for the failure to defend this attack was effectively renounced denied abandoned and handed over to you personally….yah we lost your data, oh well, now you have to suffer but lookit it was nobody’s fault and everything is still awesome

    world class incompetence!

      1. SOQ

        Not true- its a full inventory of near every citizen in the country, because very few people have never had some sort of dealings with the HSE.

        Full name, address, DOB, email address, phone number, PPS number, next of kin details, and that is not even considering the ailments or conditions.

        It is absolute dynamite.

        1. Rosette of Sirius

          100%. There will be a massive surge in identity theft in the coming years that will have profound consequences for many of us. I’ve said it before, the single most valuable piece of PII we have is our unique PPS number and honestly, that in the hands of criminals terrifies me.

        2. scottser

          but, but, two factor authentification? i know i’ll be safe, thanks to that little 6-digit code..

        3. Cian

          You are assuming that (a) the HSE stores all that information in one place (which i doubt); and (b) the hackers managed to get that information.
          Most hospitals are independently run. I get a hospital identifier, and they story my details. If i go to another hospital they don’t have access to my other records.

          When our kids were born, my wife was given a folder on her first visit (this included a stack of printed stickers with barcodes). She brought that folder to each subsequent visit/scan. They would record details of the visit into the folder which we brought home. We had the only copy of her maternity records. I don;t know if it is changed since, but all the hospital had was a list of her appointments.

          1. Janet, dreams of an alternate universe

            I only have a list of appointments, the hospital has all scans, procedure and med med records, sounds like other way around at Rotunda
            I heard the Combe have yet to use computers ;)

          2. SOQ

            Date time stamps which give a fair indication of where the infection first arose but once security has been breached, it is near impossible to tell how many systems were compromised- the number locked down is only an indication of ransom-wear, not those hacked.

            I would never assume all systems were interconnected but some certainly wear and analysis of logon records should give some indication of malintent. But, its surprising how easily such can jump from one to another- a PC with open ports to two for example is a perfect bridge.

      2. Micko

        Yikes, that is a lot of info. Lots of Identity theft and borrowing of money gonna be taken out in peoples names.

        Oh wait… Covid has destroyed the chances of tons of people ever getting a loan for the next few years anyway.

        Ha HA – joke’s on YOU hackers!!

        Want to take out a loan in my name? – well, you’re gonna have to improve my credit score first!

        1. Formerly known as @ireland.com

          @Micko – they can pretend to be a person and withdraw funds from their bank account.

    1. Redundant Proofreaders Society

      Agree.

      Article 34 of The General Data Protection Regulation 2016/679 states that informing individual data subjects of a breach can be waived if;

      ‘It would involve disproportionate effort. In such a case, however, data controllers must still ensure, by way of a public communication or similar measure, that the data subjects are informed in an equally effective manner.’

      We don’t feel it has been effectively communicated. One advisory could have been to change passwords and secure bank account details. Where is the public communication?

      1. Cian

        How would “change passwords and secure bank account details” help?

        If a hacker knows my name/DOB/address/PPSN – how does me changing my password make any difference to anything?
        What does “secure bank account details” actually mean?

        1. SOQ

          Two step authentication should be rolled out across all emails, same as the bank apps- for a start.

          Everyone should have a good security system on both laptops and mobile devices- it is suspiring how many still do not,

          Change passwords to different things for different accounts- it is very common for people to use the same one for half a dozen things.

          There are practical steps people can take right now to improve their security.

  2. scottser

    hey bodger – aren’t you on the dark web all the time? can you do a quick search for what patient information is up there and let us know?
    ta

        1. Slave to the Rhythm

          Maybe after her you should try that defiant mad gran

          SUGGESTION: Put a mask over her gob during the act

Comments are closed.

Sponsored Link
Broadsheet.ie