News

The Black Market for Stolen Health Care Data

cyber-crime-(2)

In the cyber underworld, criminals are trying to figure out how to cyber-crime-(1)turn every piece of our digital life into cash. The newest frontier: health records. They have names that end with .su and .so, instead of the more familiar .com and .org.

According to the online rating system — similar to Yelp, but for criminal sales — the dealer delivers what’s promised and gets 5 out of 5 stars. The dealer is selling a value pack that includes 10 people’s Medicare numbers – only it’s not cheap. It costs 22 bitcoin — about $4,700 according to today’s exchange rate.

Security experts say health data is showing up in the black market more and more. While prices vary, this data is more expensive than stolen credit card numbers which, they say, typically go for a few quarters or dollars.

Health fraud is more complex. Records that contain yourSocial Security number or mother’s maiden name are used for identity theft. Health care companies saw a 72 percent increase in cyber-attacks from 2013 to 2014, according to the security firm Symantec. Companies are required to publicly disclose big health data breaches. And there have been more than 270 such disclosures in the last two years.

Companies subject to federal HIPAA rules, which were designed to protect privacy, choose to interpret them loosely — in a way that gets around the basics, like encryption. They assume, incorrectly, that the walls around the network are safe.

Larson is part of the industry group National Health ISAC which is trying to raise the bar and make hospitals more like banks when it comes to investing in security.

Orion Hindawi with Tanium, a firm that monitors computer networks, says health care providers are far from there. They’ve been racing to grow, to digitize health records, to make mobile apps, to acquire other companies — all this without having a basic handle on how big their networks even are.

Recently, the health care company Anthem suffered a major cyber-attack. Anthem revealed last week that as many as 80 million people’s records may have been stolen. Hindawi says he expects to see many more Anthems.

 

Don't be shellfish...Share on Facebook0Share on Google+1Share on LinkedIn0Share on StumbleUpon1Pin on Pinterest0Tweet about this on Twitter0
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Most Popular

To Top