phthevenFeb 24

Another fucking health app hack

https://lemmy.world/post/43509331

Another fucking health app hack - Lemmy.World

The Privacy Commissioners Office has been calling for proper fines for data breaches for YEARS. Not a single muppet in the beehive has even given it a thought, from what i can tell. The current maximum penalty is $10000. Australia has their maximum penalty set to $50 million.

Show threadFiniteBanjoFeb 24

I’m in this weird position where I’ve never been a part of a Data Breach in part because I don’t install or use any unnecessary Apps. I don’t use them. Apps are not secure and that adds insecurity to entire devices.

It would take an equifax level data breach to release my information.

Show threadphtheven

Yeah mate i think it’s fairly likely that many of us on here don’t go around installing bullshit apps. I haven’t been affected either.

The previous hack (manage my health) was not an app that people installed on their phones, it was a health management portal that patients were signed up to when they enrolled to clinics and practices that made use of that platform. These health providers used this as a database to store the medical information for all their patients. Molemaps, xrays, doctors notes, everything was uploaded, not by patients, but by their medical care providers.

If you’re enrolled at a gp it’s likely that your data is sitting in a similar system. MyIndici is an example I’m aware of, although it hasn’t been hacked to my knowledge.

The concern doesn’t stop with health apps either. Any third party data portal/platform is theoretically at risk, and kiwi companies love outsourcing risk to these private corps. Imagine the fallout from a RealMe hack, for example? It’s no less likely at this point, and because of the lackluster regulation around these data platforms, they have no real incentive to beef up security. That’s the issue here.

Feb 24 at 4:00amWeb
Show threadFiniteBanjoFeb 24
I think it’s worth pointing out that the vast majority of the public lack the basic ability to protect themselves from vulnerabilities and are apathetic to the dangers of the act of installing random apps to personal devices, even those associated with legitimate institutions and services.
Show threadphthevenFeb 24

When the post is making the case for stronger legislation, and you respond by bringing up the individual responsibility of those affected, it certainly gives the impression that you are arguing against regulation and shifting the blame toward the personal failings of the victims.

Most of the people affected in this hack appear to be the elderly and disabled. Many of them do lack the ability to protect themselves, not through apathy or ignorance, but because they are some of the most vulnerable people in our society. I think it’s important to approach these issues with compassion and understanding, rather than getting on your high horse and preaching to the choir.

Show threadFiniteBanjoFeb 24

Two things can be true at the same time:

  • The solution is regulatory and perhaps even technological and standardization.

  • This happens because people are dumb enough to implement and install unnecessary apps