[LINK] A massive data breach in Western Australia has exposed the confidential records of patients and hospital staff online.

Scott Howard scott at doc.net.au
Tue Jul 21 14:18:52 AEST 2020 

This "privacy breach" has been going on for over 30 years.

These "medical details" are actually just pager messages.  Remember pagers?
Those pre-mobile-phone radio receivers people used to carry to get messages?

The protocol used by these devices is about 40 years old, and is trivial to
decode using nothing more than a $100 radio scanner and computer, or a $20
software defined radio receiver.

Although pagers have largely disappeared from public use, it's still not
uncommon for places like hospitals to use them as they can be far more
reliable than a mobile phone.  If I had to guess, I'd say what was being
transmitted was not the "medical details" and almost certainly wouldn't
have included things like "addresses, and how their cases are being
managed" as the story claims, but instead just a summary of an inbound call
record being recorded in a case management/ticketing system.  Still not
good, especially as phone numbers and names were included on some of the
messages (at least the ones I managed to find - at least one of the
websites hosting them has been taken down, but I was still able to find
some in Google's cache)

And despite what Nine claimed, logging and decoding such messages is NOT
illegal.  In most (if not all) states, acting on the information received
generally IS illegal, as may well be sharing the information.  (Or at
least, that was the case 20+ years ago when I used to play with this stuff.

  Scott


On Mon, Jul 20, 2020 at 8:02 PM Marghanita da Cruz <marghanita at ramin.com.au>
wrote:

> > Sensitive medical details of scores of West Australians have been
> > compromised in one of the state's biggest privacy breaches, where
> > thousands of state government communications were published on a
> > public website...
>
> https://www.watoday.com.au/national/western-australia/unforgivable-the-privacy-breach-that-exposed-sensitive-details-of-wa-s-virus-fight-20200720-p55dsm.html
>
> --
> Marghanita da Cruz
> Telephone: 0414-869202
> Email:  marghanita at ramin.com.au
> Website: http://ramin.com.au
>
> _______________________________________________
> Link mailing list
> Link at mailman.anu.edu.au
> http://mailman.anu.edu.au/mailman/listinfo/link
>

More information about the Link mailing list