Ministry probes medical data breach claims

19 Sep 2019 / 19:56 H.

PETALING JAYA: The Health Ministry has initiated investigations into claims that the medical records of close to 20,000 Malaysians are among millions of those freely accessible on computer servers worldwide.

Minister Datuk Seri Dr Dzulkefly Ahmad (pix) said in a statement today that a special meeting was held with the Malaysian Communications and Multimedia Commission and the National Cyber Security Agency to identify the source of the leak.

“This can happen at any health facility, including private hospitals and medical centres,” he said. “Possible remedial measures were also raised,” he added.

He said these measures included exposure risk mapping at all health centres and reviewing risk of data breach at hospitals that use picture archiving and communications systems (PACS) to continuously improve features and security applications and information technology infrastructure at these facilities.

A report today cited Germany-based security firm Greenbone Networks as saying that it had identified at least 52 countries, including Australia, China, Japan, the United Kingdom, France, the US, Russia and Brazil affected by the breach.

The report said the medical records of 19,922 Malaysians were publicly accessible from three archival systems, along with 1.2 million images associated with these records.

Personal data, such as the full name, date of birth and date of medical examination were available, along with images of X-rays, CT and MRI scans.

Dzulkefly said this global attack in cyberspace signalled a new era of cyber threats.

Earlier today, Dzulkefly launched the inaugural World Marrow Donor Day celebration in Malaysia at the Ampang Hospital.

In his speech, he said stem cell therapy holds great promise for treating blood cancer as well as other disorders but the numbers of registered donors in Malaysia is very low. He said the Malaysian Stem Cell Registry (MSCR) only listed 28,291 donors so far. “With this number, matching donors were only found in 16 cases,” he said.

email blast