A hacker who goes by the name of TheDarkOverlord has put up for sale on the Dark Web three databases stolen from three healthcare institutions in the US.
The hacker is selling the data on The Real Deal marketplace, and he says he breached these companies using an RDP (Remote Desktop Protocol) bug.
TheDarkOverlord has told DeepDotWeb, who first spotted the ads, that it’s “a very particular bug. The conditions have to be very precise for it.”
He also provided a series ofas proof, showing him accessing the hacked systems via a Remote Desktop connection.
The hacker also said that before putting the data on the Dark Web, he contacted the companies and informed them of their problems, offering to disclose the bug for a price, in a tactic known as.
Obviously, all three companies declined, so here we are, with their data available on the Dark Web. TheDarkOverlord said that all databases are a one-time sale, meaning only one buyer can get his hands on the stolen data.
Healthcare Database from Farmington, Missouri, United States
This is the smallest database of the three and contains exactly 47,864 records. Currently, the hacker is asking for 158.68 Bitcoin (~$101,000).
TheDarkOverlord says that all the data is in plaintext and was retrieved from a Microsoft Access database residing in the organization’s internal network.
He claims the following patient details are included in the database: first name, middle name, last name, address, city, state, ZIP, Social Security number, date of birth, gender, email address, various phone numbers, and more.
Details about Healthcare Database from Central/Midwest United States
The second database also contains plaintext data, and the hacker says it was retrieved from a severely misconfigured network using readily available plaintext usernames and passwords.
The hacker is asking for 317.38 Bitcoin (~$202,000) for this database, and says the exact number of patient records is 207,572.
He claims the following patient details are included in the database: Social Security number, first name, middle name, last name, gender, date of birth, and address.
Details about Healthcare Database from Atlanta, Georgia, United States
The biggest database contains 396,458 patient records, and the hacker is asking for a whopping 634.73 Bitcoin (~$405,000).
He claims the following patient details are included in the database: health insurance details (primary, secondary, policy IDs), patient’s address, date of birth, age, phone number, email address, gender, Social Security number, state, ZIP, race, and more.
TheDarkOverlord says this database was stored in plaintext as well, and he got hold of it from an accessible internal network using readily available plaintext usernames and passwords.
Justin Shafer, a security researcher specialized in the healthcare industry,that this latter database belongs to the Athens Orthopedic Clinic.