How Hackers Earn From Stolen Medical Data

Data breaches have become quite common these days. Social media platforms, websites and gaming services have been attacked by hackers quite often that it’s not new to hear about them anymore on the news.

However, another area that’s being targeted by these security attacks is the healthcare industry. Medical records and patient information are being sought by hackers for good reason.

Just last week, medical testing company LabCorp confirmed that the personal and financial data of 7.7 million of its customers have been exposed by a breach at a third-party billing collections company.

Days prior, American Medical Collection Agency informed Quest Diagnostics that 11.9 million of its patients have also fallen victim to a massive data breach that enabled an unauthorized user to access pertinent information of its clients, such as their Social Security numbers, financial details and medical data.

So why are hackers so keen on stealing medical data? The simple answer to this question is money. Hackers actually earn a lot by selling medical information of numerous patients.

According to a report released by Carbon Black, the most expensive offering on the Dark Web market at present pertains to information that can be used to forge a medical background. Per listing of medical data like insurance documents, medical diplomas, doctor licenses and DEA licences could be valued at $500.

After compromising a healthcare provider’s corporate network, the hackers reportedly look for ways to sell the stolen information that could support a forged doctor’s identity. Per the report, hackers offer them for a price that’s high enough to constitute a return of investment but low enough just so many people could afford to buy them.

The buyers are then very likely to be involved in shady business that would also benefit them financially. They could pose as the stolen doctor’s identity and make claims to insurance providers for high-end surgeries and whatnot.

“In healthcare, prevention often stands to be the best cure,” Carbon Black indicated in its report. “This holds true for both physical and digital health. A person's digital (and often physical) health can be directly tied to the cybersecurity posture of their healthcare providers.”

People wait in line at a health insurance enrollment event in Cudahy, California March 27, 2014. People wait in line at a health insurance enrollment event in Cudahy, California March 27, 2014. REUTERS/Lucy Nicholson