On Sunday, DataBreaches.net reported on healthcare databases that are up for sale on the darknet in the RealDealMarket. The seller is “TheDarkOverlord,” who provided descriptions of the databases and samples, but did not name the victim entities. In a number of encrypted chats with the hacker since then, DataBreaches.net obtained additional information about the identity of…
Category: Health Data
264,000 and counting: Hack of EHR/EMR vendor leaves clients scrambling
What data security incident currently holds the undesirable status of 2016’s largest incident involving patient data that has been reported to HHS?* There’s a good chance you’ve never heard about it because the company has remained publicly mute. San Jose-based Bizmatics, Inc. designs and markets electronic health record and electronic medical records practice management software…
Lording it over the healthcare sector: health insurer database with 9.3M entries up for sale
As if yesterday’s news that three databases with 655,000 patients’ records were up for sale on TheRealDeal by “TheDarkOverlord” wasn’t disturbing enough, today they’ve listed a database with 9.3 million records from an unnamed U.S. health insurer. The listing sets a retail price of 750 BTC, which is almost $500,000.00, and the seller describes it this…
More details emerge on hacked patient databases up for sale
Yesterday, I reported that three unidentified patient databases had been put up for sale on the darknet on TheRealDeal market. I was subsequently able to have a chat with TheDarkOverlord (the hacker/seller) about the hacks and the refusal of the victims to pay the extortion demands. You can read more of what TheDarkOverlord shared with me…
Anyone know what healthcare facilities these are? 655,000 patient records up for sale on dark net (UPDATED)
Seen up for sale on a forum (I’m redacting the ads and samples): Healthcare Database (48,000 Patients) from Farmington, Missouri, United States This product is a considerably large database in plaintext from a healthcare organization in Farmington, Missouri, United States. It was retrieved from a Microsoft Access database within their internal network using readily available plaintext…
Mercy Medical Center Redding notifies patients after discovering NaviHealth case manager was working under a stolen identity
Typically, when an entity posts a link to a security breach notification on their web site, it’s a normal or small font. If you’re lucky, it’s positioned so that you stand a chance of spotting it immediately. But Mercy Medical Center Redding wanted to make sure they caught their patients’ attention with this graphic on…