About

TechNation is the primary monthly magazine and ultimate resource guide for over 12,000 medical equipment service professionals. Its diverse editorial and information helps biomedical, HTM, imaging and I.T. professionals keep their finger on the pulse of the healthcare technology community, helping advance their careers and further their profession.

Register Now: Modernizing HTM Economics | April 22
TechNation.TV | HTM Jobs | Right to Repair | Advertise
Subscribe

Cybersecurity: Are You Giving Away Private Information?

4 Mins Read

By Joseph E. Fishel, CBET, MBA

Here is a questionnaire to take you down memory lane. I thought you might enjoy it.

  • Name your first grade teacher?
  • What was the first car you drove?
  • What was your first pet’s name?
  • Where were you born?
  • Who was your favorite grade school teacher?
  • What’s the first name of who you went to the prom with?
  • What was the name of the first movie you went to without your parents?
  • Who was your favorite high school teacher?
  • What was the name of the street you grew up on?
  • Where did you go on your first plane trip?

Did you enjoy going down memory lane? Having some feelings of “Auld Lang Syne?” Have you filled one of these out on a social media site such as Facebook in the past? When you finished, you probably pressed reply as well as sent it to your friends. This is just among friends right? You’ve known most of your Facebook friends for eons right? There was nothing really new here as most of your friends grew up with you. They had the same experiences that you had and the same teachers. Guess what? This didn’t come from the friend that you thought it did. Your friends were hacked and someone is sending out emails in their name.

What did you just give the hacker? Here are the top 10 security questions that companies use to have an individual verify their ID to be able to create an account or recover your password.

  • What was the first company that you worked for?
  • Where did you meet your spouse?
  • Where did you go to high school/college?
  • What is your favorite food?
  • What city were you born in?
  • Where is your favorite place to vacation?
  • What is your favorite book?
  • What is the name of the road you grew up on?
  • What is your mother’s maiden name?
  • What was the name of your first/current/favorite pet?

If you have a Facebook account I can see where you live, where you are from and your relationship status. I can also see your friends. I may IM you to email me directly so we can catch up. I give you an email address and ask that you send your email address and phone number too. I now have your email address and phone number and you don’t suspect a thing. From this little bit of information, I can determine where you graduated from high school with a phone call to the school. I can find out what year you graduated. I then subtract 17 or 18 years from that and I know, within two years, when you were born. I can search for you through many ancestry applications. When I find you on the application it will give me your exact birth information including the date, location and parents’ full names (both middle names and maiden names).

I now have enough information to start creating havoc with your finances.

For existing accounts, I can click “forgot password” and go through the process to get a new one. Websites usually ask for the email address affiliated with the account and that a security question be answered. By answering it correctly I can change the password and, bingo, I have access to the account.

A more guaranteed way of obtaining account numbers is also the most common way and that is to go through a homeowner’s trash looking for financial correspondence that has not been shredded. If I have your Social Security number, I’m golden.

What else is in the trash? All of those junk mail credit card offers. Are you shredding them? These can be used to create new credit card accounts in your name. With the above information, I contact the company impersonating you and there is a 90% chance that I will be able to open an account or create a credit card account in your name. You won’t know it until the bills start to arrive or a collection agency starts contacting you because payments haven’t been received.

These are reasons why cybersecurity in health care is so important. Much of the patients’ personal information (such as name, address, phone number, age, birthdate, gender, marital status, etc.) are found or reside in files on a health care provider’s network whether in medical or financial files. We have a responsibility to protect them.

Joseph E. Fishel, CBET, MBA, is a Healthcare Technology Systems Manager for Sutter Health eQuip Services.

Share.

Related Posts

Add A Comment

Leave A Reply

X