Hacker looks to sell 655,000 alleged patient healthcare records on the dark web

article

A hacker claims to be selling 655,000 alleged patient healthcare records on the dark web, containing information such as social security numbers, addresses, and insurance details.

The news was first reported by Deep Dot Web Saturday. A hacker who goes by the name 'thedarkoverlord' gave Deep Dot Web images of purported records. Identifiable information from the records was redacted "so the target company can remain anonymous for now," the hacker told Deep Dot Web.

The databases are said to be from three different healthcare organizations and are being sold for between around $100,000 and $395,000, Deep Dot Web reports. One database originated in Farmington, Missouri, and contains 48,000 patient records, according to the report, while another from the Central/Midwest U.S contains 210,000 patient records. A third database from Georgia, U.S., has records on 397,000 patients.

In an encrypted conversation, the hacker told Deep Dot Web that the records were accessed using an exploit for Remote Desktop Protocol (RDP) that gives remote access to devices. A one-off copy of each database is reportedly being sold on TheRealDeal, a shadowy dark web marketplace that provides anonymity to buyers and sellers.