Medical Records Hacking Seems Like A Good Idea To The Bad Guys

Hacking hospitals for electronic patient records could be the next big thing, according to some security folks. The more I read this sort of stuff, the more it makes me want to shuffle off to a log cabin in the woods somewhere and finish out my time playing cards and making white lightnin'.
Various studies suggest that cyber-thieves have identified health data as a soft target. The Ponemon Institute, a U.S. privacy think tank, found that 40 percent of health-care organizations surveyed in 2014 reported being attacked by malware designed to steal data, up from 20 percent in 2010. The Privacy Rights Clearinghouse, which tracks large computer security breaches, reports that nearly four million more records were stolen this year than in any previous year.

Credit card information is less valuable on the black market than it was several years ago, says Don Jackson, director of threat intelligence at the security firm PhishLabs. That market is flooded, and credit card information is becoming less useful without supporting identification information, he says.

Medical records, however, often contain both identification information, such as Social Security numbers, and financial information. This can be enough to build a near-complete picture of an individual. And such information can command hundreds of dollars from black-market customers wanting to impersonate someone for the purpose of accessing bank accounts or drug prescriptions.

No comments :