The hacker that posted 655,000 patient records for sale online has returned with a new sale: A database reportedly hacked from a health insurance company containing 9.3 million patient records.
Going by the username thedarkoverlord, the hacker obtained healthcare records from three unnamed organizations. In comments to DeepDotWeb, the hacker threatened that more information would soon be revealed. "There is a lot more to come," the hacker said.
DeepDotWeb also reported the latest data dump with information reportedly stolen from a health insurance company now being sold on TheRealDeal market. Like the previous three organizations, thedarkoverlord said the database was in plaintext.
This database is listed for 750 bitcoins, equivalent to approximately $485,000, according to the report.
In comments to DeepDotWeb, the hacker said healthcare organizations should pay to regain access to data.
"Why not just pay? Money makes it all go away and it is a modest cost compared to the total financial damage you will suffer if you do not pay to keep it from getting leaked," the hacker said.
The FBI and HHS recommend organizations do not pay ransoms.
What's more, the hacker indicated plans to leak more records.
"We are just getting started!" the hacker told DeepDotWeb.
More articles on data breaches:
Why Crysis is healthcare's most threatening ransomware yet
Dignity Health data breached by third-party employee with fake nursing license
12 latest healthcare data breaches