Following ‘Australia’s largest data breach‘ where 550,000 Red Cross blood donors’ information was reportedly hacked, victims have found themselves to be at a potential risk of further hacking as criminals are reportedly attempting to steal patients’ details through a recent phishing scam.
These sorts of follow-up attacks are not uncommon – when people are at their most vulnerable after a cyber attack, it can be common for other hackers or criminals to jump on the situation to try and use the hack for further gains.
Circumstances of the breach
Red Cross Blood Service had contracted work out to Precedent, who then allowed 1.3 million files to be accessed in the hack which contained 550,000 personal details of blood donors.
It happened through the victims completing a web form to donate blood between the years 2010 and 2016, and it was the backup of the data being stored on a database by Precedent which was then subsequently hacked.
Information accessed, and why it’s an issue
The information accessed reportedly included names, addresses, blood types, and other personal details. The data came from entries made online to see whether people were eligible to donate blood.
It’s further alleged that sensitive medical information was also leaked. Medical information is fast becoming a hot commodity. Why? Aside of the records detailing your last check-up, prescribed medication, or injections, your medical records are a comprehensive document about you. Records can contain a lot of your personal details, which may include your name, physical address, and sensitive information like bank details, date of birth etc. This is not only useful for basic identity fraud but also medical fraud, which can be more profitable. This can allow cyber-criminals to use the personal data to purchase medical equipment or worse, file fraudulent insurance claims.
Phishing messages
Now, cyber attackers are apparently trying to extract sensitive information by sending out phishing messages. The attackers can camouflage themselves as a trustworthy entity, by doing things like pretending to be the Red Cross Blood Service sending out text messages off the back of the well known hack.
The Red Cross was made aware of this when they received reports of the scam from several donors. The report shows that blood donors were informed that there was an anomaly and that further action was needed by clicking an ambiguous link.
Nature of the phishing messages
There is widespread concern that cyber attackers are using these phishing messages to dupe victims into further hacking. The scam is sophisticated in the way that messages are sent as a ‘flash SMS’. This displays the message directly on the screen but is not automatically stored, allowing the message to disappear. This has led many to believe that the phishing scam is just part of the ground work that will form part of a larger hack.
Red Cross’ warning
The Red Cross Blood Service are trying to be more proactive in their cyber security as a result of what’s happened. They have since sent out warning messages to patients to confirm that these phishing messages are not from the organisation and that they must be “disregarded and deleted”. The Blood Service has also updated their website with further advice, advising patients to “remain vigilant”.
A [low] risk remains
The Red Cross Blood Service may breathe a sigh of relief as only two copies of the database have allegedly been accessed, which have since been erased. Logically, this lowers the risk of further hacks. However, it’s still not certain whether this is the case. What can be said for sure is that sensitive data was leaked on a web server, which potentially allows anyone access to the information. The Red Cross Blood Service needs to step up their cyber security ‘A game’ as data breaches are fast becoming an issue worldwide, and there are no visible signs these type of breaches are slowing down.