Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
  HOME     MENU     SEARCH     NEWSLETTER    
CUSTOMER RELATIONSHIP MANAGEMENT NEWS. UPDATED 9 MINUTES AGO.
You are here: Home / Customer Data / Health Records for Sale on Dark Web
Millions of Health Records Appear for Sale on Dark Web
Millions of Health Records Appear for Sale on Dark Web
By Shirley Siluk / CRM Daily Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
JUNE
29
2016
Two days after reporting that 655,000 healthcare records were found for sale on the dark web, the site DeepDotWeb said today that another insurance database with at least 9.3 million patient records is being shopped around by an anonymous hacker.

Over the weekend, a hacker using the name "thedarkoverlord" was offering for sale records taken from databases managed by three healthcare organizations in Missouri, Georgia and the Midwest, according to the site. The hacker, who was seeking payment in Bitcoins with a value ranging from around $100,000 to $395,000, reportedly told DeepDotWeb, "There is a lot more to come."

That same hacker appeared again today on a dark web market with an offer to sell another database with more than 9.3 million patient records for 750 Bitcoins, valued at around $485,000. The hacker's market listing claimed the plaintext data belonged to "a large insurance healthcare organization in the United States."

'Very Particular' Zero-Day Exploit

According to DeepDotWeb, the hacker selling the healthcare data claimed the information was accessed through a zero-day vulnerability in the Remote Desktop Protocol (RDP) used to connect devices across a network. A proprietary protocol developed by Microsoft for Windows-based applications, RDP provides users with a graphical interface for managing computer-to-computer communication.

Speaking with DeepDotWeb via Jabber over the weekend, thedarkoverlord reportedly said he was able to access the healthcare records due to "an exploit in how companies use RDP. So it is a very particular bug. The conditions have to be very precise for it."

As business records have become increasingly digitized and network-connected, the risks of breaches, thefts and data losses have grown. Healthcare data in particular offers the potential for hackers to profit via ransomware or fraudulent claims.

"[W]e have seen how all kinds of illegal goods are traded through black market digital sites, some on the dark net, taking advantage of the anonymization possibilities given by the technology, and many of them on the open net," Fernando Ruiz, head of operations for the European Cybercrime Centre, said in this year's "2016 Data Breach Investigations Report" from Verizon. "There is a clear demand for stolen data and, therefore, there will always be criminals ready to supply and satisfy this demand, especially if we take into account the disproportion between the risk-cost-profit, as data can be easily stolen and transmitted."

'Bit of a Data Breach Yard Sale'

A check of some of the information included in the recently hacked healthcare databases appears to be old, although some still appears to be accurate, a security blogger who goes by the name "Dissent" wrote yesterday on DataBreaches.net. The blogger noted she had also contacted "one well-known insurer" to find out whether any of the hacked data came from its systems, but had not yet received a response.

DeepDotWeb reported today that thedarkoverlord said in an encrypted chat that he had tried to contact the hacked healthcare organization but "they declined to respond." He added that the price of the records was "a modest cost" compared to the damage a large-scale leak could cause, and indicated more hacked data could be expected to appear up for sale.

These latest hacked database reports -- while they have yet to be validated -- appear to involve attempts to sell large volumes of old information taken in breaches some time ago, Christopher Budd, the global threat communications manager at the security firm Trend Micro, told us today. He pointed to last month's attempts to sell on the dark web 117 million user e-mails and passwords taken in a data breach at LinkedIn four years ago.

"It's a bit of a data breach yard sale going on," he said. Budd noted that while no healthcare organizations have yet confirmed the loss of data being offered for sale recently, the RDP protocol is "certainly a vector we've seen people exploit in the past." For now, however, the only evidence for such a breach is coming from the hacker, so more evidence is needed, he said.

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
MORE IN CUSTOMER DATA

NETWORK SECURITY SPOTLIGHT
A security researcher has found that hundreds of different models of HP notebooks, tablets, and other devices include a keylogger that could track and record every keystroke a user makes.

CRM DAILY
NEWSFACTOR NETWORK SITES
NEWSFACTOR SERVICES
© Copyright 2017 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.