Inside the Molina Healthcare Data Breach: Cause & Solutions
Data breaches are becoming common news. The harsh reality has left many scrambling for authentic security solutions, and scratching their head as to what to do better in the future. Luckily, education and research is fueling the industry that hopefully will have a long lasting positive influence. Here, we want to look at a past healthcare data breach that affected millions of customers. The vulnerabilities was in the website URL, but these are a few tips that you can take in consideration to protect your own business.
The Molina Healthcare Data Breach
Molina Healthcare suffered a major data breach in May 2017. This healthcare group is a major Medicaid and Affordable Care Act insurer and is considerably intertwined into many people’s lives. During the breach, Molina shut down its patient portal in response to a major security flaw. This security flaw potentially exposed patient medical data, and it didn’t require an authentication. The security flaw was simple – which angered many cyber security professionals in the field – it allowed Molina patient data to be accessed by simply changing a single number in the URL.
This single link gave access to patient records that allowed any attacker to enumerate and download all other claims. The link also required no authentication, potentially leaving the door open for anybody to access. This link gave access to names, addresses, birthdates, diagnosis, medication and other medical information that’s frequently used in medical fraud and goes for a fancy penny on the darknet. Overall, Molina serves 4.8 million customers in 12 individual states in the United States, and they all could’ve been potentially affected. Brian Krebs from Krebs on Security quotes:
“It’s unconscionable that such a basic, Security 101 flaw could still exist at a major healthcare provider today,” said Krebs. “However, the more I write about these lame but otherwise very serious vulnerabilities at healthcare firms the more I hear about how common they are from individual readers.”
This “security vulnerability” is a too common story with businesses alike. One simple web application flaw is a treasure trove for online hackers. The security solutions vendor Whitehat Security collected data and found in 2015 that 86% of 30,000 websites of customers tested had at least one serious vulnerability. This translates to over half of the tested websites had more than one vulnerability. How can we fix this common and deadly security flaw?
Solutions to Website Vulnerabilities
The first step in finding these vulnerabilities is to simply find a starting point. This is done by conducting a routine risk assessment. Businesses often conduct these in the standard once or twice a year to meet regulations. In accordance with HIPAA Privacy and Security Rules a risk assessment has to be conducted and passed in relation to the transmission of all electronic patient information. These assessment allow businesses to review security policies, identify new threats and uncover vulnerabilities in the systems. If these are routine, website vulnerabilities, like in the Molina data breach, could’ve been prevented in real-time versus resulting in a reactive event.
Next, creating a monitoring system that actively documents and analyzes the system for anomalies is beneficial in catching vulnerabilities before they’re exploited. This collects data from its users and creates a standard profile of ‘normal’ activity. That profile can then be compared against everyday operations and vulnerabilities, and detectable in ‘real-time’. The writer at IT World Canada explains how a type of metric or ‘analysis’ program can help improve security:
“The best advice we can give is for an organization to create a metrics program that tracks the area they want to improve upon, and then identify activities that’ll most likely move the needle. If an activity does work – great! Keep doing it! If there is no measurable benefit, stop, save the time and energy, and try something else. Frankly, this process is much easier and more effective than blindly following maturity models.”
Lastly, encrypting sensitive data when it’s online is one of the easiest solutions to online website data security. Encryption transforms ordinary data into an unintelligible code that can only be accessed with a key and tangible algorithm. This process can be used to keep large amounts of information stored on the internet safe from cyber criminals. In the Molina data breach, the patient information was not encrypted. It was anything but. The information was easily accessible, but if it had been encrypted, that would’ve made the URL vulnerability almost useless.
For more strategies to prevent and detect website vulnerabilities, ComputerWeekly.com offers a great article.