A recent report caused the blogmaster to search BU Archives.
As far back as 2014 with the support of vested parties led by subject matter expert James Bynoe, several blogs highlighting the threat posed by cybersecurity were to Barbados Underground – list a FEW- Understand Internet Data Privacy: What should you know and expect, Website Defacement Cyber threat to the Caribbean and Caribbean Businesses, Organizations and governments and people could be losing millions to cyber criminals and hackers and don’t know it appeared. For those interested do a search using ‘cybersecurity’ of the BU Archives.
Last week it was reported the Queen Elizabeth Hospital (QEH) suffered a cybersecurity incident. Another way to explain it – information was stolen from QEH’s database by unknown parties. So far the official and sanitized explanation is – “the QEH was taking all necessary precautions to protect the integrity of our systems ans patient privacy“. On December 14. 2022 the QEH issued a report indicating changes to its operations because of the cybersecurity incident – Temporary Changes At QEH Due To Internet Outage.
The blogmaster from the inception of Barbados Underground in 2007 has been bemoaning the lack of financial and IT literacy in Barbados. A read of the comments section under the blogs linked and others support the conclusion. Several BU commenters questioned the bona fides of James Bynoe and the priority given by BU to matters of IT security in the Barbados landscape. As the saying goes, if you don’t hear, you will feel.
So far the official statement may suggest to Barbadians the government and officials at the QEH have the matter under control, FALSE. We have confirmation from officialdom of a breech which means an unauthorized person or persons have access to confidential health information of Barbadians and others who have had to seek medical attention. The information stolen can be used for many purposes depending on what stored in the QEH database. According to website TechTarget a primary healthcare provider database includes the following:
- address (anything smaller than a state);
- dates (except years) related to an individual — birthdate, admission date, etc.;
- phone number;
- fax number;
- email address;
- National ID number;
- medical record number;
- health plan beneficiary number;
- account number; credit card details (blogmaster)
- certificate or license number;
- vehicle identifiers, such as serial numbers, license plate numbers;
- device identifiers and serial numbers;
- web URL;
- Internet Protocol (IP) address;
- biometric IDs, such as a fingerprint or voice print;
- full-face photographs and other photos of identifying characteristics; and
- any other unique identifying characteristic.
It is optimistic for concerned Barbadians to expect reasonable explanations to be forthcoming from government. No doubt the ramifications of the QEH breech will be cloaked under it being a national security matter. There is a ‘casualness’ successive governments seem to manage confidential information of Barbadians, some have not forgotten the sharing of personal information by the Barbados Electoral Office leading into the last general election.
The blogmaster is not optimistic the rank and file Barbadian understands the importance of managing data in a protected environment ‘far less’ our leaders. Being reactive is a curse we will have to live it seems.
Where there is no vision what…?