TheDarkOverlord, a hacker that put up for sale over 650,000 patient records yesterday, has published a new listing which he claims contains the database dump of a US healthcare insurance provider that holds details on 9,278,352 Americans.
The hacker is selling the data for 750 Bitcoin (~$490,000) on The Real Deal, a Dark Web marketplace where different hackers have converged lately to sell such data dumps.
The listing’s high price can be justified by the hacker’s promise to sell the data only to one client.
Database is 2 GB in size, contains 9,278,352 records
According to the listing, the database looks to contain user details such as first name, last name, address, city, state, ZIP code, email address, home and cell phone numbers, dates of birth, and Social Security numbers.
The hacker previously put up for sale, which he claims to have stolen from three other healthcare organizations across the US.
TheDarkOverlord is selling a database of 47,864 records from a healthcare organization from Farmington, Missouri; 207,572 records from an organization from the Central/Midwest US; and 396,458 records from a healthcare organization from Atlanta, Georgia.
All databases have a similarly high price as his latest listing and are also sold as exclusives to the first buyer. Currently, the listings are still up for sale.
Hacker claims he used RDP zero-day to hack healthcare organization
Just like with yesterday’s listings, the hacker is claiming to have breached the healthcare insurer using a zero-day in the RDP (Remote Desktop Protocol).
“This product is an extremely large database in plaintext from a large insurance healthcare organization in the United States,” the hacker writes in his listing. “It was retrieved using a 0day within the RDP protocol that gave direct access to this sensitive information.”
It is unclear if it’s an older zero-day that’s already fixed, but the organization didn’t patch its systems, or a new zero-day, which the RDP project does not know about.