Paul Farrell reports:
A darknet trader is illegally selling the Medicare patient details of any Australian on request by “exploiting a vulnerability” in a government system, raising concerns that a health agency may be seriously compromised.
An investigation by Guardian Australia can reveal that a darknet vendor on a popular auction site for illegal products claims to have access to any Australian’s Medicare card details and can supply them on request.
The seller is using a Australian Department of Human Services logo to advertise their services, which they dub “the Medicare machine”.
Read more on The Guardian. And then if that doesn’t have you anxious enough, consider this:
Another darknet actor is offering a database allegedly from “a well known international blue chip Medical Insurance Company.” That database contains individuals from 122 countries with information on each person including:
LAPSE SUSPEND DATE
PRODUCT SUB TYPE
The seller claims that the data was obtained from the main severs of the unnamed international company and that pretty much anyone who has health insurance is in the database.
How many records in this database, you wonder? Well, the seller claims there are over 130,000 just for the U.K. alone, and that’s just one of 122 countries in the database. He actually claims more than 1 million individuals have records in the database.
Note that although I am including both of these incidents in the same post, I am not suggesting – and do not think that – they are related to the same individual or individuals. But I do think that their combined impact is a stark reminder that our health information and health insurance information are just not secure at all.