Can Blockchains Reduce the Impact of Data Breaches?

Another day, another catastrophic data breach.  This time it’s medical records in Singapore, where I live.  At this stage we’re almost immune to this kind of headline:

Cyberattack on Singapore health database steals details of 1.5 million, including Prime Minister (Reuters)

But this is quite bad.  Eileen Yu noted in her piece for ZDNet (my emphasis):

Singapore has suffered its “most serious” data breach, compromising personal data of 1.5 million healthcare patients including that of its Prime Minister Lee Hsien Loong.

The affected users are patients of SingHealth, which is the country’s largest group of healthcare institutions comprising 42 clinical specialties, four public hospitals, five speciality centres, nine polyclinics, as well as three community hospitals.

Non-medical personal details of 1.5 million patients who visited SingHealth’s specialist outpatient clinics and polyclinics between May 1, 2015, and July 4, 2018, had been accessed and copied. The stolen data included patients’ name, national identification number, address, gender, race, and date of birth.

In addition, outpatient medical data of some 160,000 patients were compromised, though, the records were not modified or deleted, said the Ministry of Health and Ministry of Communications and Information (MCI), in a joint statement late-Friday.

Continue reading “Can Blockchains Reduce the Impact of Data Breaches?”

A gentle introduction to self-sovereign identity

In May 2017, the Indian Centre for Internet and Society think tank published a report detailing the ways in which India’s national identity database (Aadhaar) is leaking potentially compromising personal information. The information relates to over 130 million Indian nationals.  The leaks create a great opportunity for financial fraud, and cause irreversible harm to the privacy of the individuals concerned.

It is clear that the central identity repository model has deficiencies.  This post describes a new paradigm for managing our digital identities: se
Continue reading “A gentle introduction to self-sovereign identity”