MSSS on Origin of the Data Breach on the Clic Santé website

in order to Check which duplicates should be canceled The Ministry of Health and Social Services circulated a file containing Some appointment information, including your health insurance number, Is among the COVID vaccination centers in Quebec.

Once out of the secure IT environment for MSSSMinistry of Health and Social Services, The file was easily searchable, to the point that Personnel in information security by chance on the relevant document On May 13th.

The MSSS Ministry of Health and Social ServicesIt does not specify the extent of the breach, nor the number of citizens affected by this data breach.

The malfunction, which QMI first reported, did not occur Caused harm, Confirms to the ministry, which confirms that it has, however It reviewed its procedures with vaccination centers to prevent a recurrence of such a case.

From now on, all transfers must be used [un canal sécurisé]Even if the data is not considered sensitive.

Beginner error

According to computer security expert Steve Waterhouse, this new breach demonstrates the indifference of government authorities when it comes to handling citizens’ personal data.

These are basic flaws, He insists. There are no audits regarding best practices that could be applied to Clic Santé in this case.

In his opinion, the Ministry of Health would not have heard of the hacking of the computer that he had opened himself without the attention of Internet users.

Without some people’s vigilance, there could have been malicious exploitation here and again, it would have caused harm to the residents and the citizens.

The MSSS Ministry of Health and Social ServicesEnsures that it is the information disclosed, The identity, name, or contact details of the person could not be obtained.

QMI, which was able to refer to one of the documents, confirms the opposite: by conducting checks between the dates and times of appointments, places of vaccination and health insurance numbers, It will be possible to get to know specific people.

With information from Camille Carpentier