[ISN] Parkview assisting FBI in probe of file hacking

InfoSec News isn at c4i.org
Mon Feb 6 01:39:51 EST 2006


By Michael Schroeder
The Journal Gazette
Feb. 03, 2006

As part of an ongoing FBI investigation into Medical Informatics
Engineering and alleged software tampering at Orthopaedics Northeast,
Parkview Health confirmed it is cooperating with the investigation.

The hacker appears to have breached Orthopaedics Northeast's network
by exploiting connections of Parkview and an unnamed medical office
from the outside, said Raymond Kusisto, chief executive officer of
Orthopaedics Northeast.

The FBI is investigating software company Medical Informatics, 4101 W.  
Jefferson Blvd., in connection with the breach, a Medical Informatics
official confirmed. No charges have been filed.

"The hacker simply used Parkview as a mule," Kusisto said. "Parkview
didn't have anything to do with this."

New Medical Informatics competitor triPRACTIX, 1330 Medical Park Drive
- which now manages Orthopaedics Northeast software - contacted the
FBI on Orthopaedic Northeast's behalf after hiring consultants who
determined software problems were caused by outside tampering, Todd
Plesko, chief executive officer of triPRACTIX, had said.

There were nine cyber-attacks in the first two weeks of January,
Kusisto said.

The software problems slowed operations and increased overtime work
but didn't affect patient safety or records security at Orthopaedics.  
12 area locations, Kusisto said. Karen Belcher, spokeswoman for
Parkview, said all patient records in Parkview's network are secure.

"When we were alerted... that there was a concern, we went ahead and
checked out the systems, and we did not find a problem," Belcher said.

If a hacker did enter Parkview's network, individual applications are
equipped with security systems designed to restrict access. Belcher
said cyber security measures include virus protection, monitoring
systemwide operations and tracking user activity.

Belcher said Parkview is helping the FBI in any way it can. She
referred specific questions about the investigation to Assistant U.S.  
Attorney David Miller, who would not comment on the matter.

A Medical Informatics official said the company is eager to see the
results of the FBI's investigation.

Chief Operating Officer Eric Jones said that "FBI investigators
indicated that there was evidence that machines on MIE's (Medical
Informatics Engineering's) network were somehow involved in the
alleged attack on ONE's (Orthopaedics Northeast's) network." But Jones
maintained that the company is innocent.

"We don't believe anything like that occurred," Jones said. "That is
not the way that we do business."

More information about the ISN mailing list