DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Medical Info for Sale Online

Posted on September 24, 2013 by Dissent

A report by Tisha Thompson and Rick Yarborough of the  News4 I-Team makes a good point  – that even when people know their PII is floating around or may be on black markets, they often have no clue their medical information or insurance information is also for sale on underground markets.The team interviewed one of the black market sellers. Here’s a bit of their report:

He said he got most of the current medical records from India, where call centers gather information by phishing over the phone. In those call centers, he said, “You’re going to see people buying data, selling data, like it was candy at a store.”

The seller also described how the operation worked when he, himself, was a telemarketer for an overseas company. He said callers would try to get missing private details from people over the phone. “They gave me a script that I had to read,” he said. Part of the script read, “’So, what is your name? What is the doctor’s name?’ When we didn’t even have the doctor’s name on it,” he explained. “We were just saying that.”

Those private details were then often sold to medical companies that targeted people with health conditions and charged insurance companies for services and supplies.

Read more on NBC.

A recent Ponemon survey highlighted their finding that most people do not check their medical records for accuracy. I would venture to say an even greater percentage have no clue at all whether their health-related information is up for sale on the black market. And because most of us would have no idea how to go about finding out, your best bet is to (1) check your Explanation of Benefits statements to see if anything “hinky” is showing up, (2) check your credit report, which are you entitled to get for free periodically, (3) be cautious about giving out information over the phone to out-sourced call centers, and  (4) check your medical records for accuracy.

With respect to the last point, when my primary care provider switched over to EMR, they input a lot of information into the system. In glancing over their printout of an appointment, I noticed that it showed I had a history of hypertension. I don’t. A staff member casually said, “Well, maybe you had one instance of high blood pressure and that’s why it showed up.” I responded firmly that they were to delete that as it was inaccurate and misleading, and might have both insurance and healthcare implications down the road. And then I waited until they deleted it.

Protect yourself.

Category: Uncategorized

Post navigation

← Alabama state employee sentenced for stealing info from state database for tax refund fraud scheme (updated)
The DEA Thinks You Have “No Constitutionally Protected Privacy Interest” in Your Confidential Prescription Records →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Nigerian National Sentenced To More Than Five Years For Hacking, Fraud, And Identity Theft Scheme
  • Data breach of patient info ends in firing of Miami hospital employee
  • Texas DOT investigates breach of crash report records, sends notification letters
  • PowerSchool hacker pleads guilty, released on personal recognizance bond
  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Google: Hackers target Salesforce accounts in data extortion attacks
  • The US Grid Attack Looming on the Horizon

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • California county accused of using drones to spy on residents
  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act
  • 23andMe Bankruptcy Judge Ponders Trump Bill’s Injunction Impact
  • Hell No: The ODNI Wants to Make it Easier for the Government to Buy Your Data Without Warrant

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.