Vaccine Passports: How B.C. can learn from Quebec's errors, according to experts
Vaccine Passports: How B.C. can learn from Quebec's errors, according to experts
VANCOUVER, British Columbia —
Hackers were able to get the QR codes of many lawmakers, including Premier Francois Legault, just hours after Quebec's vaccination passport system was introduced on the government websit
Hackers most likely obtained the QR codes from the government website using dates of birth, health insurance numbers, and first vaccination dates, according to cybersecurity experts
Hackers most likely obtained the QR codes from the government website using dates of birth, health insurance numbers, and first vaccination dates, according to cybersecurity experts
They're now advising that as B.C. prepares to introduce its own vaccination passports, it must be wary of data breaches.
“Hackers can easily access publicly available information on high-ranking government officials by going online
Their name, vaccination status, and date of birth are all readily available informationUnfortunately
“Hackers can easily access publicly available information on high-ranking government officials by going online
Their name, vaccination status, and date of birth are all readily available informationUnfortunately
According to Carmi Levy, a technology analyst in London, Ontario, the Quebec government did not add extra security layers to its website to guarantee that only users downloading their own QR codes are doing so.
While it may appear to be a small privacy infringement, Levy believes it might lead to identity theft.
“Here's the thing about identity theft: you get one piece of information in one place, a couple more pieces of information elsewhere,” Levy explained. “If you're a hacker, you can assemble a dose of data on your victim from multiple sources, and then you can go to town.”
“Here's the thing about identity theft: you get one piece of information in one place, a couple more pieces of information elsewhere,” Levy explained. “If you're a hacker, you can assemble a dose of data on your victim from multiple sources, and then you can go to town.”
While it may appear to be a minor breach of privacy, Levy believes it could result in identity theft.
“The problem with identity theft is that you acquire one piece of information in one place and a couple more pieces of information in another,” Levy added. “If you're a hacker, you may gather info about your target from a variety of sources and then go to town.”
“The problem with identity theft is that you acquire one piece of information in one place and a couple more pieces of information in another,” Levy added. “If you're a hacker, you may gather info about your target from a variety of sources and then go to town.”
Cybersecurity experts believe that the government of British Columbia is keeping an eye on what is going on in Quebec and learning from their errors.
“It's important that we take our time and don't rush through things. We need to consider all potential risks and conduct a threat modeling exercise to see how this data and QR codes may be misused.” Cyber.sc's top strategist, Dominic Vogel, agreed.
“It's important that we take our time and don't rush through things. We need to consider all potential risks and conduct a threat modeling exercise to see how this data and QR codes may be misused.” Cyber.sc's top strategist, Dominic Vogel, agreed.
We should also treat QR codes like we treat our signatures, our
passwords and our usernames. We should not be sharing them or taking
pictures on social media. We shouldn’t be telling people where we got
vaccinated and what we got vaccinated with. All of this information in
the hands of a hacker, could potentially be used against us,” added
Levy.
ليست هناك تعليقات