Forged medical diplomas, the dark web — Here's where stolen healthcare data ends up

Listen

Media coverage of data breaches often explain how an organization was attacked and report how many people's data was exposed. Cybersecurity researcher Ravi Sen, PhD, shares where the stolen data ends up in a May 13 op-ed published by The Conversation.

Dr. Sen tracks data breaches and the black market of stolen data. The destination of stolen data often depends on who is behind the attack and their motive behind the attack, he said.

Seven details:

  1. If the cyberattackers intend to embarrass a person or organization, they usually release the data into the public domain. If data is stolen by foriegn national governments, it is usually not exposed or sold. Instead, it is used for espionage purposes and to gather information on U.S. government officials.

  2. Data is usually stolen to make money. Eighty-six percent of data breaches are about money and 55 percent are committed by organized cyber gangs, according to Verizon's data breach report.

  3. Stolen data often ends up for sale on the dark web. Buyers can purchase the data with bitcoins or through Western Union.

  4. A large surplus of stolen personally identifiable information caused its retail value to tank from $4 in 2014 to $1 in 2015. Email dumps containing from 100,000 to more than a million email addresses go for $10 and voter databases from states sell for $100, Dr. Sen said.

  5. Credit card details of an account with a purchasing balance up to $5,000 can be sold for $240 in 2021. Credit card numbers and security codes can be used to create fake credit cards, which are used in fraudulent purchases.

  6. Healthcare data is attractive to data thieves for extortion purposes. Cybercriminals can extort the health system they retrieved the data from and extort patients by threatening to release intimate patient data unless money is retrieved.

  7. Stolen data including medical diplomas, medical licenses and insurance documents can be used to forge a medical background. These phony physicians will then submit claims to Medicare and other insurance providers for high-end surgeries, ZD Net reported. 

© Copyright ASC COMMUNICATIONS 2021. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

 

Featured Whitepapers

Featured Webinars