Hacked medical records are a significant threat to consumer’s health and privacy. The vast majority of stolen records finds its way to the deep web, where it is bought and sold at rather high prices. Unfortunately, the price of medical information has gone down, making it far more accessible to criminals than ever before. The news goes to show information security remains a critical vulnerability in the healthcare sector.
Cheaper Medical Records On The Darknet
One can not put a price on a human life. Or to be more precise, one can put a price tag on a person’s medical information. Hackers and criminals scour the darknet to find these sensitive details about individuals, which they then use for all kinds of nefarious purposes. Up until now, this type of activity was rather restricted, due to rather high prices for hacked medical records.
A new study by the Institute of Critical Infrastructure Technology goes to show the tides are changing. The average price of stolen medical records has decreased significantly, as there is an abundance of information to be found across deep web marketplaces. Given the lack of healthcare’s IT security, this news is anything but surprising.
When supply starts to exceed demand, prices will inevitably start to plummet sooner or later. At the same time, law enforcement agencies are paying far more attention to stole medical records than ever before. Selling this type of information has become more challenging at the regular prices, forcing criminals to accept low ball offers for these treasure troves of information.
To put this news into perspective, the average price per medical record was between US$50 and US$100. However, individual records are becoming more common, pushing prices down to US$20. Criminals are more successful in selling major databases all at once, although those average prices have dipped slightly as well.
That being said, there are still some very worrisome trends to keep in mind. The vast majority of stolen medical records originate from US hospitals, a trend that has been present for several years now. Although it remains unsure how hackers retrieve these vast amounts of data on a continual basis, ransomware attacks will play a role in this scene. As the malware encrypts all network information, some of the details will be copied and sent to the criminals as well.
Back in 2015, nearly 100 million medical records were hacked. Ever since that time, those numbers have only increased, effectively flooding the darknet with medical records. Healthcare institutions have their work cut out for them in the security department, but the lack of budget is not helping things move along. For now, the uneasy situation continues to evolve, and patients are at constant risk of having their medical data exposed.
Header image courtesy of Shutterstock