Hackers steal dead people's medical records and sell them on the dark web

One post said the potential uses of the data is 'only limited to your imagination'

Anthony Cuthbertson
Friday 13 July 2018 09:40 EDT
Comments
Cyber security researchers uncovered medical databases containing the personal details of 140 million patients
Cyber security researchers uncovered medical databases containing the personal details of 140 million patients (Getty Images/iStockphoto)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Medical records of deceased patients are appearing on illicit market places on the dark web, cyber security researchers have discovered.

Cyber criminals are advertising huge caches of personal data of up to 140 million patients, with their value exceeding that of stolen credit card details.

The morbid trend follows an increasing amount of incidents of medical data breaches, as reported by Oren Koriat, an analyst at the security firm Cynerio.

"Cynerio is still seeing continued growth in the number of incidents of patient medical record breaches from hacking and unauthorised access to healthcare systems," Mr Koriat wrote.

"Recently, Cynerio has detected an interesting new wrinkle in the sale of stolen medical data on the dark web. Our research team found a post from a vendor on the dark web offering the medical records of the deceased."

The listings are appearing on black markets on the dark web, a section of the internet that has become synonymous with illegal activities due to the proliferation of drug marketplaces like the now defunct Silk Road. Often confused with the deep web – a vast part of the surface web that is not indexed by search online search engines like Google – the dark web requires specialist software tools like the TOR web browser to access.

While medical records being listed on illicit market places is nothing new, the sale of data from recently deceased patients points to cyber criminals exploiting the fact that identity fraud victims will not report suspicious activity if they are dead.

"I have a fresh US medical database including nearly 140 million records," one vendor wrote in a dark web listing. "Each record has the fields: Name, SSN [social security number], address, zip, phone, birthday, sex, insurance.

"There is even a death date for each record if the one is dead, more about 60,000 records have death date [sic]."

The price of the data is listed as $2 per record in batches of 100, going down to $0.60 per record if bought in batches of 1,000.This gives all 140 million records a potential value of $280 million.

Beyond financial fraud, cyber criminals could exploit the healthcare records for other purposes like redirecting medication to different addresses, or request doctors appointments on other people's health plans.

One dark web post, shared by Mr Koriat, explained the potential uses of the data is "only limited to your imagination."

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in