Cybercriminals are increasingly targeting patient portals of healthcare provider organizations in order to gain access to sensitive patient information. Despite this, a recent report from LexisNexis Risk Solutions found that 58% of healthcare organizations believe that their patient portal cybersecurity is superior to other portals. However, simply using username and password authentication or multifactor authentication may not be enough to prevent attacks. Criminal hackers use bots to automate tasks such as credential stuffing and data scraping to break into patient accounts. This is a widespread problem, with 96% of login pages overall being hit with bad bots in 2016. Healthcare organizations should anticipate bad bots running stolen credentials against their patient portals after every new breach. Good identity and access management practices, including multi-factor authentication, rate-limits, and a solution to prevent automated testing of credentials can be effective in protecting patient portals. Healthcare organizations also need to clean their traffic to remove abusive bad bots in order to reduce web scraping.
‘Amber alert’ as NHS in Plymouth makes urgent plea for people with certain blood type
The NHS has issued an urgent call for O type blood donors, following increased demand after the recent cyber attack. The attack led to reduced
