Integris, St. Anthony patients hacked: what to do | News | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

Last week, I reported how patients of both Integris and SSM St. Anthony hospitals have been victimized by Internet criminals hacking the hospital’s poorly-secured computer networks. Private patient information was stolen, including name, date of birth, Medicaid/Medicare ID number, health plan information, medical treatment information, medical record number, patient account number, case identification number, provider and doctor information, and Social Security number.

This creates a full-on bona fide identity theft crisis that cannot be minimized or ignored. The personally identifiable information (PII) of millions of people has been stolen, the type of information criminals use to steal tons of money.

Possibly the most critical piece of PII stolen is the Social Security Number. An SSN allows an Internet crook to easily build a profile on a victim, and start setting up phony accounts in the victim’s name, while at the same time making themselves the beneficiaries of those accounts. These accounts can include checking and credit card accounts, “store” accounts (like Lowes, Walmart, Home Depot, etc.), car loans, mortgages, and the list goes on and on. This is an identity theft road I have been down with clients before, and trust me, this is not a road you wish to travel.

What to do? Fortunately, there are important and effective things you can do to protect yourself. 

First, order and download credit reports. There is one, and only one official place on the Internet to get free credit reports, and that’s at Click the “Request your free credit reports” button, and get to work. They only cover Equifax, TransUnion and Experian, but that’s OK. Do this at least once a month to see if the bad guys are trying to mess with you.

Next, implement your first major line of defense. You absolutely must setup a freeze (not a “lock”) on your accounts at all four major credit reporting bureaus; yes, there are four, not three. The four major credit bureaus are Equifax, TransUnion, Experian and Innovis. Making sure you have locks in place at all four bureaus will go a long way in preventing the bad guys from setting up phony financial accounts. You will also inform all four bureaus you are an identity theft victim, which, if you got a letter from any institution alerting you they experienced a data or information “breach” or “compromise,” you most definitely are.

Visit Equifax at and click the “Place a security freeze” button. Fill out the form and follow the instructions. Then, visit and click the “Place an alert” button to create a Fraud Alert. Again, fill out the form and follow the instructions.

Click the “Add a freeze” button at and do the same thing. The TransUnion freeze process will also let you place a Fraud Alert.

Next stop is to click “Create a free account” to implement the freeze, and then visit to set the fraud alert.

Finally, fill out the form at to setup an Innovis credit freeze. Visit to get the fraud alert going.

Next week: placing fraud and identity theft alerts with government agencies.

Photo: Dave Moore

Dave Moore, a Certified Information Systems Security Professional, has been fixing computers in Oklahoma since 1984. Founder of the non-profit Internet Safety Group Ltd., he also teaches Internet safety community training workshops. He can be reached at 405-919-9901 or

(function(d, s, id) {
var js, fjs = d.getElementsByTagName(s)[0];
if (d.getElementById(id)) return;
js = d.createElement(s); = id;
js.src = “//”;
fjs.parentNode.insertBefore(js, fjs);
}(document, ‘script’, ‘facebook-jssdk’));


Click Here For The Original Story From This Source.


National Cyber Security