Virus attacks health records in
EDMONTON – The
Alberta government has warned thousands of people that their medical
information may have been compromised after a computer virus that
normally hits financial institutions was found in the provincial health
Alberta Health Services is sending out letters to 11,582 Edmonton-area
individuals whose information on Netcare, Alberta’s electronic health
record, may have been captured by the virus between May 14 and May 29.
The virus typically gathers information from a host system and sends it
out to a predetermined address, said Frank Work (pictured), Alberta’s
Information and Privacy Commissioner.
The problem started when an outside computer slipped a new variant of an
old Trojan horse program, called “coreflood”, through the security
software in their Edmonton network. Alberta Health Services contracts
with two of the largest anti-virus firms in the world and neither one
had heard of this variant when it struck.
“In the past, [this virus] has been associated with Eastern European
gangs and the target has usually been financial information, so we’re a
little bit puzzled as to why or how it got into a health information
database,” Mr. Work said. He said the information would have included
names, healthcare numbers and medical records such as lab results,
appointments or diagnoses.
Alberta Health staff detected the virus after finding unusual traffic on
the system, said Bill Trafford, the organization’s chief information
officer. All Edmonton-area computers have since been swept and the rest
of the department’s computers will be cleared over the next couple
“We’ve cleaned it out,” Mr. Trafford said.
Mr. Work said investigators are still trying to figure out how the virus
got into the system.
He said the infection may not have been intentional and may have arrived
through someone bringing an infected laptop from home and plugging it
in. “There is a good possibility it may have accidentally been
introduced into the system,” Mr. Work said. “The virus could have been
spread that way without Netcare being specifically targeted.”
Mr. Work said the security breach shows the importance of maintaining
strong firewalls for information systems.
Mr. Trafford said there’s no guarantee that even the best system will
work every time. But he added Alberta Health will be upgrading its
defences. “It’ll likely be a two-step process to connect to our
networks. We’ll have an ability to isolate the device if we think it’s
not up to standard.”
Posted July 16/09.