The above was reported by Channel News Asia (CNA) on 18 September 2019. Only good news was that the above was not a result of a cyber breach. Malaysia was one of the 52 countries investigated by a German based cybersecurity firm who discovered that millions of medical information in these 52 countries are freely accessible on computer servers worldwide. Some of the 52 countries, includes Australia, China, Japan, the United Kingdom, France, the United States, Russia and Brazil. The personal data unearthed and in public domain included full names, dates of birth, dates of medical examinations, X-ray images, CT and MRI scans.
For Malaysia, 19,922 patient data records were publicly accessible from three archive systems, along with 1.2 million images associated with these records. The cybersecurity firm warned that the data could harm a person’s reputation and could be used for identity theft.
We have in several articles posted, highlighted the point that cyber criminals are increasingly targeting healthcare records. We are also of the view that healthcare organisations in our country, both in the public and private sector have inadequate cyber risks measures implemented to-date, making them a high probable targets for cyber criminals.
How many times do we need to highlight to the leadership of those in charge of healthcare organisations in Malaysia before they 'wake up' from their slumber to face the realities of today's cyber world? As shown in several recent cases in the US and the EU, organisations in this 2 regions are now finding out 'the costs' of not taking the issue of cyber risks against their organisations seriously is much more damaging than if they have listened and invested in having active cyber risks measures implemented.