Hacker Sells Health Records From Nearly 10 Million Patients

Hospitals attacked in Missouri, Georgia, and Central Midwest

Health records from 9.3 million patients are being sold online by a hacker who stole the data from a health insurance database, according to FierceHealthcare. The hacker, who calls himself “thedarkoverlord,” put the records up for sale on TheRealDeal market for $485,000 (750 bitcoins). Earlier, the same hacker put records for approximately 655,000 patients at three hospitals for sale online. The data were stolen from unidentified hospitals in Farmington, Missouri; Atlanta, Georgia; and the “Central Midwest.”

The hacker told the Motherboard website that $100,000 worth of records had already been sold from the Atlanta hospital, saying that “someone wanted to buy all the Blue Cross Blue Shield insurance records, specifically.” The records included Social Security and insurance policy numbers, as well as names, birth dates, and addresses. Such data could be used for obtaining lines of credit, opening bank accounts, carrying out loan fraud, and much more, “thedarkoverlord” told Motherboard.

The hacker claimed that he obtained each database via an unknown vulnerability in remote desktop protocol, which allows authorized parties to control computers for purposes such as technical support. From there, “thedarkoverlord” claimed, he moved throughout the network “until I got to the juicy machines running their electronic health systems.”

“Next time an adversary comes to you and offers an opportunity to cover this up and make it go away for a small fee to prevent the leak, take the offer,” the hacker remarked.

Hospitals typically are encouraged not to meet a hacker’s ransom demands.

In February, Hollywood Presbyterian Medical Center in Los Angeles paid hackers approximately $17,000 (40 bitcoins) after a ransomware attack left its networks disabled.

Sources: FierceHealthcare; June 28, 2016; and Motherboard; June 26, 2016.