January 10, 2017
From emails to Netflix and Uber account information to other personally identifiable information has long been for sale on the Dark Web. A recent article from Fast Company, On The Dark Web, Medical Records Are A Hot Commodity, shares that medical records are the latest offerings for sale on the Dark Web. Medical records sold in these marketplaces usually include an individual’s name, birthdate, social security number and medical information. They fetch the relatively high price of $60 a piece, in comparison to social security numbers at $15. The article explains more,
On the dark web, medical records draw a far higher price than credit cards. Hackers are well aware that it’s simple enough to cancel a credit card, but to change a social security number is no easy feat. Banks have taken some major steps to crack down on identity theft. But hospitals, which have only transitioned en masse from paper-based to digital systems in the past decade, have far fewer security protections in place.
Cybercrime of medical records is potentially life-threatening because oftentimes during the theft of medical records, data showing allergies and other vital information is erased or swapped. Hopefully, the amount of time it took the medical industry to transition from paper to electronic health records is not representative of the time it will take the industry to increase security measures.
Megan Feil, January 10, 2017
December 20, 2016
Will the healthcare industry become the target of cyber threats? Security Affairs released a story, Data breaches in the healthcare sector are fueling the dark web, which explains medical records are among the most challenging data sources to secure. One hacker reportedly announced on the Dark Web he had over one million medical records for sale. The going rate is about $60 per record. According to the Brookings Institute, more than 155 medical records have been hacked since 2009. We learned,
The healthcare sector is a labyrinth of governance and compliance with risk mitigations squarely focused on the privacy of patient data. We in the industry have accepted the norm that “security is not convenient” but for those in the healthcare industry, inconvenience can have a catastrophic impact on a hospital, including the loss of a patient’s life. Besides patient records, there’s a multitude of other services critical to patient health and wellbeing wrapped by an intricate web of cutting-edge and legacy technologies making it perhaps the most challenging environment to secure. This may explain the rise in attacks against healthcare providers in the last six months.
When it comes to prioritizing secure healthcare technology projects in healthcare organizations, many other more immediate and short-term projects are likely to take precedence. Besides that barrier, a shortage of healthcare technology talent poses another potential problem.
Megan Feil, December 20, 2016