Rachel King reports:
Computer-security researchers have discovered on a website documents that could allow hackers easily to obtain electronic medical records and payment information from health-care providers.
The documents—found by two cybersecurity firms on a site commonly used by hackers—detail the type of equipment used in computer networks, the Internet addresses for computers and other devices, and the passwords to network firewalls run by health-care providers such as nursing homes, doctors’ offices and hospitals.
If such networks were accessed, cybercriminals easily could find personal details on individuals, security experts said. Such information could be used to sell credit-card data and medical information that could be used to commit insurance fraud.
A search by The Wall Street Journal of the website, 4shared.com, turned up information from three nursing homes: the Bronx Center for Rehabilitation & Healthcare in New York; the Glengariff Healthcare Center in Glen Cove, N.Y.; and the Campbell Hall Rehabilitation Center in Campbell Hall, N.Y.
[…]
Confidential medical information from a range of providers was discovered on 4shared.com by NorseCorp., a cybersecurity firm based in St. Louis. The networks of about 375 U.S.-based health-related institutions, including hospitals, physicians’ offices, pharmaceutical companies and health-plan managers were compromised by hackers for various purposes from September through October of last year, according to NorseCorp. Some of that information ends up on sites such as 4shared.com.
Read more on Wall Street Journal.