Often these patient records can be found on the dark web or black market. Sellers offering patient records promote they have gained access to the medical information through hacking a hospital or payer database.
One seller offered children’s health records from a pediatrician. Another dark web post advertised for an entire Georgia hospital database, filled with 397,000 patient records.
Patient records can sell for up to $1,000 due to the amount of information found in the documents, including date of birth, credit card information, Social Security number, address and email. Social Security numbers can be purchased for as little as $1, and credit card information sells for up to $110, according to CBS News.
Of the patients who have their medical records compromised, many are left grappling with the effects years later.
More articles on cybersecurity:
Phishing attack exposes 30,000 patients at Mississippi hospital
Facebook leaked protected health data, FTC complaint alleges
Rush exposes names of 908 patients in breach