AHS Facebook breach a reminder to protect yourself online
Posted Aug 25, 2022 12:12 pm.
If you want to watch someone livestream a videogame, most people usually visit a website like Twitch. But you wouldn’t expect to see to see a game livestreamed on Alberta Health Services (AHS) EMS Facebook page.
Tuesday night, Albertans were shocked to see the EMS social media page streaming a 20-to-30 second loop of someone playing Dota 2. It was on screen for just under four hours. The video is still up on the page, and AHS tells CityNews that it’s “actively working with Facebook to assist in shutting down the page.”
On Wednesday night, it happened again.
However, a different video was streamed for a much shorter amount of time.
Joel Reardon, an associate professor of computer sciences at the University of Calgary, says this kind of thing happens all the time.
“Someone logged in with the password as a sort of prank-type thing, put something up there as a joke, and changed the password,” Reardon said. “And then the legitimate account holder is thus unable to enter into the account to remove it.”
Reardon adds situations like this are a reminder for people to set up security features like two-factor authentication to decrease your risk of someone guessing your password and locking you out of your online accounts.
“So the fact that it’s remaining suggests that indeed, the password has been changed and they are effectively locked out of the account, [like] anyone else who had their account signed into by someone and had the password changed,” Reardon explained.
AHS says no patient information had been breached, as they don’t use Facebook or any social media platform to share or store patient information.
But what seems like a harmless joke also reminds us that data breaches can happen, even to official agencies.
“Certainly it should give an indication that we shouldn’t necessarily be relying on for-profit corporations to be managing something that would be seen as an important system for information delivery,” Reardon said.
READ MORE:
-
Leela Aheer says social media hack tried to ‘silence her’
-
UCP leadership hopeful Leela Aheer targeted in social media hack
-
Apple warns of security flaw for iPhones, iPads and Macs
There are basic steps people can take to better secure themselves online. By using security features like multi-factor authentication, you can decrease your risk of having your accounts hacked.
Google Authenticator and Microsoft Authenticator can be used to reduce risk and password guessing by 99.9 per cent, according to David Shipley, CEO and founder of Beauceron Security.
He says large cities in Canada are more likely to have the right resources to thwart hacking attempts, while rural areas may not.
“If you’re if you’re fortunate to live in a big city — Calgary or Toronto or Halifax — there may be a police department who has some expertise to help you. Oftentimes, if you’re a smaller community, or rural, they don’t have the skills to help.”
It’s also important to clear up any wrongdoing with the police right away, if your account is hacked.
“Referring to police is never a bad idea. But they’re going to be able to offer limited assistance,” Shipley said. “What happens best with police accounts is that any particularly malicious crimes like this, or if there’s evidence of other crimes being committed from your account, getting it on the record with police that this is not you is probably a really good idea.”