We have to inform you that serious security breaches are present on the website of Magen David Adom, also known as MDA. This cybersecurity problem has led to the leaking of identifying information about patients, sensitive medical information, financial information and even information on organization volunteers. A huge amount of medical information has been retrieved by the cybercriminals from the affected website.
The hackers have found the breaches about a month ago and since then they have extracted private information from the emergency responders.
Cybersecurity experts have have declared that this incident “was a hack of leaking information”, done “by changing the parameters in the web page”, in order to obtain details of other patients: names, addresses, phone numbers, ID numbers, bills, and other medical documents, like if an ambulance paramedic said a person had AIDS.
Remember everything can be hacked. In order to stay away from any threats related to the cyber world, we recommend the install of antivirus for Windows or antivirus for Mac on every device that you own, depending on which OS your device is running. If you are a company, it is also recommended to hire every year a specialized cybersecurity company that will run annual tests on your company’s network. These tests include penetration testing and ethical hacking tests;
Hackers were also able to find a way to see patients’ credit card numbers because according to the experts “hacking the site was very easy,” thanks to a weak spot present in the MDA’s payment platform.
Magen David Adom declared: “All MDA’s information systems are secured at very high levels using the most advanced technologies. Still, breaches are sometimes discovered as the level of hackers rises, and so when we were immediately informed of the breach, we took all the necessary steps.”
But the experts have also discovered that through the volunteer site hackers could gain control of and download the entire database, and could rewrite code in order to shut down the system and disrupt ambulance service.
All of the major cybersecurity flaws have been reported to national authorities, to the Authority for the Defense of Privacy and to MDA. In wake of a second breach, the medical operators have taken down all the affected websites.
This time MDA stated that “at no time was there any danger to the organization’s operational servers.”
We would continue to monitor this cybersecurity problem. Meanwhile, users should keep a keen eye out for any cyber attacks. Remember to use an antivirus for Windows or antivirus for Mac in every device that you own, depending on which OS your machine is running, If you are a company we recommend to hire every year a specialized cybersecurity company that will run annual tests on your company’s network, tests like this include: penetration testing and ethical hacking.