The 3 other batches cover as many as 655,000 patient records, from healthcare groups in Atlanta, Georgia, Farmington, Missouri, and the other city within the Midwestern U.S. The hacker did not provide the names from the affected groups.
This info are now being offered in four separate batches. The greatest batch includes 9.3 million patient records stolen from the U.S. medical health insurance provider, also it increased for purchase on Monday.
The hacker used just a little-known vulnerability inside the Remote Desktop Protocol to interrupt in to the insurance provider’s systems, he stated in the posting around the underground community site.
A hacker states have stolen near to ten million patient records and it is selling them for around $820,000.
Healthcare providers are noticed as especially susceptible to cyberattacks simply because they haven’t invested just as much inside it security, experts say.
Utilizing an online message sent with the market, thedarkoverlord rejected to reply to any queries unless of course compensated. The hacker wants as many as 1,280 bitcoins for that data he stole.
Healthcare providers and insurance providers are seeing more hacking attacks as much more of their data goes digital. In December 2014, cybercriminals targeted Anthem, among the biggest medical health insurance companies within the U.S., making served by records owned by as much as 80 million people.
Over the past weekend, the hacker, known as thedarkoverlord, started posting the purchase from the records on TheRealDeal, a underground community located on the deep Web. (It may be visited via a Tor browser.)
To steal these patient records, the hacker used “easily available plain text” passwords to gain access to the systems in which the data was stored, based on his sales postings.
The information includes names, addresses, dates of birth, and Social Security figures – which could be employed to commit id theft or connect to the patient’s accounts.