Order Now
Uncategorized

Computer Security Breaches: Recent Examples And Preventive Measures

10 min read
Posted on 
April 23rd, 2025
Home Uncategorized Computer Security Breaches: Recent Examples And Preventive Measures

Bronx-Lebanon hospital data breach

Question:

Save Time On Research and Writing
Hire a Pro to Write You a 100% Plagiarism-Free Paper.
Get My Paper

Discuss about the Data Compromised in Bronx Lebanon.

According to (Techopedia, 2017) a computer security breach is any event that results in unapproved data, applications, services, networks  and device access by circumventing their primary security tools. A security breach transpires when a person or a system unlawfully intrudes private and unauthorized IT systems. Technology is increasingly advancing, but so is cybercrime. The number of data breaches tracked by June 2017 has increased by over 700 records, compared to 2016 in the same period of time (Urrico, 2017). The number is expected to rise to about 1,500 by the end of the year.  This report discusses two recent computer data breaches in two parts; Part A comprises of the Bronx-Lebanon hospital data breach that occurred in May 2017. Part B contains of the latest ransom ware cyber-attack that also happened in May 2017.

In May 2017, Bronx Lebanon Hospital Center based in New York City was infiltrated revealing the medical records of thousands of users. The breach exposed at least 7000 patients’ records (Cohen, 2017). The leaked data unveiled patients’ records  between 2014 and 2017 including  HIV statuses,  medical health diagnoses, domestic violence and sexual assault reports alongside patient names, social security numbers, physical addresses, religion and addiction history (Cohen, 2017).

The Bronx Lebanon Hospital data  breach occurred after a Rsync backup server used to  transfer and synchronize files through computer systems,  hosted by iHealth Solutions, a third-party records management provider, was left in a vulnerable state (O’Hara, 2017). iHealth was managing the medical records for the Hospital. The Rsync server is said to have been misconfigured and was therefore at a great security risk. (Sehgal, 2017) . This left the server exposed making it an easy target for hacking. The attacker was able to hack into the backup server hosted by iHealth, and expose patients records (Sehgal, 2017). It is not known the actual length of time patient records were exposed.  According to a statement by iHealth, only one person gained unapproved access to the records and there’s no indication the records have been used inappropriately.

Save Time On Research and Writing
Hire a Pro to Write You a 100% Plagiarism-Free Paper.
Get My Paper

It is not yet clear why the attacker hacked into the server containing patients’ records. However, hackers are increasingly targeting health care industries because of the following reasons.  First, health industries store large volumes of personal information that could be used for financial fraud including names, social security numbers, and payment details (Davis, 2016). They also hold personal insurance facts, which can be peddled online in black markets and used to commit medical fraud including attaining unpaid medical care or acquiring costly medical materials (Davis, 2016).

WannaCry ransomware cyber-attack

Like stated above, technology is increasingly advancing.  There are numerous emerging and disruptive technologies for businesses to adopt including accessing software, cloud space and infrastructure over the Internet. However, there are risks involved with regards to adopting technological advancements. The issue of security with upcoming technologies. The Bronx Lebanon Hospital data breach   occurrence indicates trends in business organizations where such establishments implement new technology architectures, but fail to protect and secure such systems.  Using a third party vendor becomes even more risky when it comes to offering security. Following are possible measures that can be implemented to secure such systems according to (Wabo, 2016)

  1. Secure all computer systems including those that may not be considered significant 
  2. Train employees on how to use technologies securely without exposing them to hackers
  • Updating security procedures occasionally. Hackers are always implementing new methods of trying to intrude systems. Updating security procedures periodically guards against attacks that result from lack of system security updates.
  1. Reduce data transfers which may be tampered with or trespassed
  2. Encrypt all company data and information
  3. Ensure that only authorized and approved persons access data and information systems
  • Install security infrastructure for data systems
  • Make use of passwords to reduce illegal access to computer systems
  1. Implement 2 Factor Authentication(FA) which implements a stronger layer of security that requires more than a password and a user name to include another feature that only the user knows (SecurEnvoy, 2016)
  2. Implement intrusion detection systems(IDS) to detect attempt to access computer systems
  3. Securing all network systems to ensure data intrusions and data attacks
  • Use updated software’s in computer systems and install software patches which can make systems susceptible to attacks

May 2017 saw a good number of countries worldwide suffer a ransom ware cyber-attack known as WannaCry. The ransom ware is crypto worm that quickly spreads through computer systems via the Internet. The attack was directed at workstations executing   operating systems from Microsoft Windows.  WannaCry attacked systems by encrypting data and demanding ransom payments in form of the Bit coin (BBCNews, 2017) .  The attack first started on May 12, 2017, and had been reported to have infested over 220,000 computers in over 150 countries (Perlroth, Scott, & Frenkel, 2017). The ransom ware, named WannaCry, encoded data on more than 70,000 computers in about 99 countries. A ransom was demanded to decrypt   all the systems that were encrypted (Perlroth, Scott, & Frenkel, 2017). The attack started on   the Ukrainian government and business computer systems (BBCNews, 2017). The attack then spread from Ukraine, affecting computer systems around the world (Perlroth, Scott, & Frenkel, 2017). European states, together with Russia, were amongst the worst hit by the attack (BBCNews, 2017). The attack was contained, slowed down and stopped by the use of a kill switch by a security researcher, but the danger is not yet over (BBCNews, 2017).

According to an article on the New York Times by (Perlroth, Scott, & Frenkel, 2017), In Ukraine, where it all started, the attack affected Ukraine’s Infrastructure Ministry, the national railway company the postal service, and Ukrtelecom – one of the country’s principal communications companies. In Britain, the health care systems were affected whereby the hospitals were locked out of their systems and doctors could not call up patient files. In the UK, National Health Service (NHS) staff showed screen-shots of the WannaCry worm, which claimed a payment of about $300 in bit coin currency to decrypt computer files. The attack targeted computer systems in many other countries such as fedEx in the US. In Spain Telefonica company was a target   while MegaFon in Russia was also affected (Perlroth, Scott, & Frenkel, 2017). The attack spread for five days across Ukraine, and all over the world in other countries including Germany, France, Portugal, China, Indonesia, South Korea, Spain, Italy, Sweden and India among others (BBCNews, 2017). On entering computer systems, the attack would encrypt al the files and shut down the systems such that they could not be used until decryption was done by the hackers after the affected organizations paid a ransom.

Risks of adopting technological advancements

It is still unclear who is behind the May 2017 global cyber- attack. However, the tool that made the attack possible is alleged to have been established by US’s National Security Agency (NSA) to make use of a flaw originating from   Microsoft’s Windows operating system (Rizkallah, 2017). This exploit, identified as Eternal Blue – was taken by Shadow Brokers, a group of hackers who made  available  freely in April as a way of protesting against President Donald Trump. The WannaCry ransom ware spreads by means of EternalBlue, a flaw in some of the rules of Windows’ Server Message Block (SMB). The attack was initiated through a phishing attack. Once it affected a computer system, it then spread across computer systems as a computer worm.

The attack hit users and organizations that were still using old Microsoft Windows operating systems. Those who were still executing old versions of Microsoft Windows that the company is no longer supporting, including Windows XP operating system and Windows Server 2003, were originally at risk. However, Microsoft was able to release an alternative security patch for these operating systems (Warren, 2017).  Practically, all the organizations hit by the cyber-attack were running on Windows 7. Some measures that could have been used to prevent the attack include software patches. The security patch released by Microsoft was able to protect the computers against the attack if they were updated by installing it (BBCNews, 2017). The corruptions seemed to be arrayed via a computer worm that was spreading about on the Internet. Securing computer network systems would also have prevented the attack. It was reported that the attack started as a phishing email attack. Training users on system security would have also helped avoid such an attack since users would be able to detect authorized from unauthorized parties.

Conclusion

Computer technology keeps emerging. Newer technological advancements are developing every other day. Technologies such as the Internet of things only makes many more interconnections, which increases system and computer networks vulnerabilities. Increasing technology also means increased computer attacks. Cyber security – which is a body that comprises of tools, procedures and technologies aimed at  protecting  computers programs and systems from attack, damage or unauthorized access  is growing increasingly (Rouse, 2016). According to Forbes, the global cyber security market extended to about $75 billion in 2015 and is projected to reach above $160 billion by 2020 (Rizkallah, 2017). Organizations cannot afford to secure some systems they consider important and leave out others. Businesses have to implement secure systems to safeguard their data and information. Lack of which puts them under high risks of information loss and manipulation. Companies have to install security policies and procedures to be able to prevent future data breaches. Also, companies should invest in training employees on how to deal with securing their systems as a lot of hackers use either phishing or social engineering attacks to acquire log in details from unsuspecting employees. This is the only way to prevent and be in a position to deal with such attacks when they occur.

References

BBCNews. (2017, May 13). Cyber-attack: Europol says it was unprecedented in scale. Retrieved from BBC News: https://www.bbc.com/news/world-europe-39907965

Cohen, J. K. (2017, May 11). 7,000+ people affected in New York hospital data breach: 4 things to know. Retrieved from Beckers Healthcare: https://www.beckershospitalreview.com/healthcare-information-technology/7-000-people-affected-in-new-york-hospital-data-breach-4-things-to-know.html

Davis, T. (2016, March). Why hackers want your health care information, and how easy it is to get. Retrieved from Dallas News: https://www.dallasnews.com/business/health-care/2016/03/28/why-hackers-want-your-health-care-information-and-how-easy-it-is-to-get

O’Hara, M. E. (2017, May 10). Thousands of Patient Records Leaked in New York Hospital Data Breach. Retrieved from NBC News: https://www.nbcnews.com/https://www.nbcnews.com/news/us-news/thousands-patient-records-leaked-hospital-data-breach-n756981

Perlroth, N., Scott, M., & Frenkel, S. (2017, June 27). Cyberattack Hits Ukraine Then Spreads Internationally. Retrieved from New York Times: https://www.nytimes.com/2017/06/27/technology/ransomware-hackers.html?mcubz=0

Rizkallah, J. (2017, August 25). The Cybersecurity Regulatory Crackdown. Retrieved from Forbes: https://www.forbes.com/sites/forbestechcouncil/2017/08/25/the-cybersecurity-regulatory-crackdown/#4c8f13674573

Rouse, M. (2016). cybersecurity. Retrieved from TechTarget: https://whatis.techtarget.com/definition/cybersecurity

SecurEnvoy. (2016). What is 2FA? Retrieved from Secur Envoy: https://www.securenvoy.com/two-factor-authentication/what-is-2fa.shtm

Sehgal, S. (2017, May 19). Over 7,000 Patients’ Data Compromised in Bronx Lebanon Hospital Data Breach. Retrieved from https://securingtomorrow.mcafee.com/business/7000-patients-data-compromised-bronx-lebanon-hospital-data-breach/

Techopedia. (2017, August 26). Security Breach. Retrieved from Techopedia: https://www.techopedia.com/definition/29060/security-breach

Urrico, R. (2017, August 26). Top Data Breaches of 2017. Retrieved from Credit Union Times: https://www.cutimes.com/2017/07/21/top-data-breaches-of-2017

Wabo, B. (2016, October 11). 14 Ways to Prevent Data Breaches in Your Organization. Retrieved from A-lign.com: https://www.a-lign.com/14-ways-prevent-data-breaches-your-organization/

Warren, T. (2017, May 13). Microsoft issues ‘highly unusual’ Windows XP patch to prevent massive ransomware attack. Retrieved from The Verge: https://www.theverge.com/2017/5/13/15635006/microsoft-windows-xp-security-patch-wannacry-ransomware-attack

Order an Essay Now & Get These Features For Free:

Turnitin Report

Formatting

Title Page

Citation

Outline

Place an Order
Calculate the price
Pages (275 words)
$0.00
Course Scholars
Company
Legal
How Our Service is Used:
Course Scholars essays are NOT intended to be forwarded as finalized work as it is only strictly meant to be used for research and study purposes. Course Scholars does not endorse or condone any type of plagiarism.
Subscribe
No Spam
© 2025 Course Scholars. All rights reserved.
Course Scholars will be listed as ‘Course Scholars’ on your bank statement.

Order your essay today and save 15% with the discount code GINGER

Order Now