Dive Brief:
- An investigation by InfoArmor revealed that cyber criminals hacked into PilotFish Technology and put all of its source code up for sale on an underground market called AlphaBay, Healthcare IT News reports.
- The threat actor, known as “batwhatman,” may have compromised a corporate SVN server and stolen the source code of multiple applications written in Java, according to a report by the security firm.
- PilotFish develops middleware to integrate disparate systems and support medical devices with HL7 features.
Dive Insight:
Cyberattacks have been plaguing the healthcare industry. The health IT market was valued at $41.2 billion in 2013, and as the demand for new technologies and solutions continues to grow, so does the threat of cyberattacks.
According to InfoArmor, some of the listings in the source code include strings like “pieadmin,” “EIPExecutor,” and “eip-server,” suggesting that they are business applications developed by PilotFish.
In addition to source code, the hackers obtained usernames of PilotFish employees who were associated with various compilation instructions. They also claim to have access to PilotFish’s customer database, putting customers at future risk of targeted phishing attacks, InfoArmor says.
The database includes information from 1,797 U.S., Canadian, European, Australian, and Chinese companies. InfoArmor discovered the breach on Aug. 9.
“This is clearly a risk to users of PilotFish Technology software, particularly within the Healthcare industry, and should raise significant concerns regarding the potential associated with third party providers being targeted by cyber criminals,” InfoArmor says.