Why Are Hackers So Interested in Your Medical Records?

Hacker

It might seem like your medical records are safe from hackers. Who would even want to know the details of a stranger’s medical history?

But two major security breaches over this past week have once again proven again that hackers are very interested in your medical records, and they’re willing to go to great lengths to access them.

Cybercriminals Infiltrate Two Hospitals

Last week was rough for the medical industry as two hospital groups were hacked. Leon Medical Centers, which has eight locations in Miami, and Nocona General Hospital, which serves three Texas locations, were both infiltrated.

According to NBCNews, the cybercriminals made off with tens of thousands of files containing patients’ personal medical information.

The files contained everything from scanned diagnostic results, letters to insurers, employee background checks, and worst of all–colonoscopy results with full names included.

Leon Medical Centers released a full list of stolen information, including:

  • Name
  • Contact information
  • Social Security number
  • Financial information
  • Date of birth
  • Family information
  • Medical record number
  • Medicaid number
  • Prescription information
  • Medical and/or clinical information, including diagnosis and treatment history, and health insurance information
Leon Medical
Redacted image from Leon Medical Centers. | Source: NBCNews

Leon Medical Centers have notified the U.S. Department of Health and Human Services are investigating the breach.

Cyber attacks on the medical industry have been increasing in recent years, but what makes this particular breach so baffling is that the hackers quickly released their files onto the dark web. Which, as you’ll see, has not been the standard operating procedure.

What Do Hackers Want With Your Medical Records?

Hackers not only had a busy week, but they’ve also had a busy couple of years. According to a survey by cybersecurity firm Emsisoft, at least 560 medical providers were attacked with ransomware in 2020.

The attackers will infect a hospital’s network with ransomware, locking up the computers and making them inoperable. They’ll then demand a ransom to unlock the computers.

When the University of Vermont Health Network was breached last year, it lost an estimated $1.5 million per day and had to furlough 300 employees.

Check out this video on hackers who target the medical industry:

Hacker

If the hospitals refuse to comply, the hackers may threaten to spread the victims’ information online. It’s not clear if the hacker group demanded ransom from Leon Medical Centers and Nocona General Hospital.

According to James Scott, author of Your Life, Repackaged and Resold: The Deep Web Exploitation of Health Sector Breach Victims, once the hackers steal the files, the information will ‘go dark’ for a while before returning in a variety of ways.

The hackers aim to build packages called ‘fullz’ and ‘identity kits.’  Scott says these packages will usually include “all the intricacies of a person’s health history, preferred pharmacy, literally everything.”

From there, hackers will take their information onto the deep web to secure counterfeit passports, ID cards, and social security cards. Once the full kit is completed, they can sell for up to $2,000 a pop, says Scott.

What Can You Do to Protect Yourself?

Unfortunately, it’s mostly up to the medical groups to provide security for their patients’ records. And as we saw in 2020, even major cybersecurity firms can be hacked.

But there are a few cyber hygiene tips you can implement to keep yourself safer. If you have an online account with a healthcare group, be sure it’s secured well.

Use a long, varied password and enable two-factor authentication if possible.

If you’re one of the unlucky people whose medical provider has been hacked and you’re worried about identity theft, there are steps you can take to help mitigate the damage.

And if you think that one of your personal accounts has been hacked, reach out to us immediately.

Featured image by Sergey Nivens via Shutterstock. 

Get Your Digital Protection Plan

With your Digital Protection plan, we will help you immediately if you have been hacked, had your photos or videos leaked, or if your identity has been misused.

Get Your Digital Protection plan for just $8.99 here!

Order a Security Audit here.

Get Immediate Help here.

Avatar
Aaron Weaver
Aaron Weaver is the Head of Content for Hacked.com. He has over 15 years of journalism experience. As a tech-savvy editor and researcher, he prides himself on journalistic integrity by providing cutting edge data backed by the latest science.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Stats about Hacked.com: We have helped more than 500 clients in the past three months. We help more than 20 new clients every day, recovering hacked accounts, stopping cyberbullying, and removing content from the web. Contact us at support@hacked.com.