DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Medical Insurance Fraud: Doctors’ identity info for sale on dark web marketplace

Posted on May 16, 2019 by Dissent

There have been numerous estimates over the years about how much a patient’s information sells for on dark web marketplaces.  But what about a doctor’s information? If you had the necessary documentation on a physician who could bill electronically for their services, how much could you make by sending fraudulent bills to Medicare or insurers? And what would it cost you to get those documents?

Warning: Health Insurance Fraud

According to a listing on a dark web marketplace, if you’re an experienced fraudster, you could make more than $1 million a year. And the records you need to support your lucrative fraud operations will cost you (only) $500.

I didn’t recognize the seller’s username when I came across the listing, but  my research indicated that they are likely to be the same seller who had called themself  “PikachuPacket” on WallStreet Market. From the registration date, it appears that when WSM shuttered, “PikachuPacket”simply moved over to this other marketplace and started selling under a new username.  While many sellers would use the same username they had used elsewhere so their old customers could find them again, PikachuPacket did not have particularly high ratings on WSM and a name change on a new marketplace may have seemed a good way to start to build a better reputation.

DataBreaches.net is not naming the marketplace or providing the seller’s new username.

The listing was a bit unusual because the seller’s listing linked to two FBI wanted posters that have not really drawn media attention. If you’re trying to sell information to use for fraud, would you link to wanted posters of fraudsters?  But this seller seems to have decided that the wanted posters validated the value of fraud that could be committed by what he was selling:

Some fraudsters who know very well what this info is worth (But obviously wern’t as careful as they could have been):
https://www.fbi.gov/wanted/seeking-info/unknown-suspect-1-1
https://www.fbi.gov/wanted/seeking-info/unknown-suspect-2-2

The FBI’s wanted poster for the male suspect states:

The unknown suspect and a female accomplice are alleged to have stolen the identities of at least 19 medical professionals from across the United States. The suspects have then allegedly used these identities to submit fraudulent claims to Medicare for high-end surgeries. These claims have been paid electronically into more than 30 bank accounts that were opened using false or stolen identities. The unknown suspects allegedly use these accounts to launder the money from one account to another, then obtain the fraudulent funds through ATM withdrawals.

Referring to those posters, the seller wrote:

This is a new and extremely valuble scheme and I’m not selling info on how to to it, only the details needed to cary out the scam.

To give you the rundown, you can use these identities to submit fraudulent claims to Medicare and Insurance for high-end surgeries and have the funds sent to a drop.

And what can you get for your $500? If you purchase from this seller, you supposedly get high-quality color scans that include a:

Bachelor Diploma
Bachelor Medical Technology
Resume
Malpractice Insurance Document
Medical Diploma & Board Recommendations
Medical Doctor License
DEA License
Medical Technologist Certification (ASCP)
New Mexico MD License
Driving License Scan
Passport Scan

As of today, there haven’t been any sales.

And as a color-me-curious side note: I wonder how this threat actor knew about those wanted posters. Is the doctors’ information for sale in this listing part of the data that the two wanted suspects had stolen?  You’d think that insurers would have flags up on the names of the professionals whose information had been stolen, but was any warning or PIN ever sent to health insurers about these 19 sets of compromised credentials that had been used for insurance fraud?

Category: Breach IncidentsCommentaries and AnalysesHealth DataID TheftOf NoteU.S.

Post navigation

← Singapore Red Cross website hacked; more than 4,000 blood donors’ info compromised
GozNym malware: cybercriminal network dismantled in international operation →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • B.C. health authority faces class-action lawsuit over 2009 data breach
  • Private Industry Notification: Silent Ransom Group Targeting Law Firms
  • Data Breach Lawsuits Against Chord Specialty Dental Partners Consolidated
  • PA: York County alerts residents of potential data breach
  • FTC Finalizes Order with GoDaddy over Data Security Failures
  • Hacker steals $223 million in Cetus Protocol cryptocurrency heist
  • Operation ENDGAME strikes again: the ransomware kill chain broken at its source
  • Mysterious Database of 184 Million Records Exposes Vast Array of Login Credentials
  • Mysterious hacking group Careto was run by the Spanish government, sources say
  • 16 Defendants Federally Charged in Connection with DanaBot Malware Scheme That Infected Computers Worldwide

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • D.C. Federal Court Rules Termination of Democrat PCLOB Members Is Unlawful
  • Meta may continue to train AI with user data, German court says
  • Widow of slain Saudi journalist can’t pursue surveillance claims against Israeli spyware firm
  • Researchers Scrape 2 Billion Discord Messages and Publish Them Online
  • GDPR is cracking: Brussels rewrites its prized privacy law
  • Telegram Gave Authorities Data on More than 20,000 Users
  • Police secretly monitored New Orleans with facial recognition cameras

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.
Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report