DataBreaches.net

DataBreaches.net

The Office of Inadequate Security

Menu
  • Breach Laws
  • About
  • Donate
  • Contact
  • Privacy
  • Transparency Reports
Menu

Lording it over the healthcare sector: health insurer database with 9.3M entries up for sale

Posted on June 27, 2016July 28, 2021 by Dissent

insuranceAs if yesterday’s news that three databases with 655,000 patients’ records were up for sale on TheRealDeal by “TheDarkOverlord” wasn’t disturbing enough, today they’ve listed a database with 9.3 million records from an unnamed U.S. health insurer.

The listing sets a retail price of 750 BTC, which is almost $500,000.00, and the seller describes it this way:

This product is an extremely large database in plaintext from a large insurance healthcare organization in the United States. It was retrieved using a 0day within the RDP protocol that gave direct access to this sensitive information.

Format:
Firstname, Lastname, Address1, City, State, Zip, Email, HomePhone, CellPhone, DOB, SSN

The listing includes samples from the database. Of the three sample records provided, attempts to email two of the individuals bounced back, indicating that, at the very least, there might be some old data in the database.

In addition to the samples provided in the listing, TheDarkOverlord also provided DataBreaches.net with 100 additional records. Attempts to validate the information confirmed that there may be a good amount of old personal information in the database. Most phone numbers DataBreaches.net called no longer worked or belonged to other parties. The majority of emails sent to email addresses in the larger sample did not bounce back, but produced no replies to the inquires.

One person, reached by phone, confirmed the accuracy of her date of birth and Social Security number, but reported that the address was one where she had lived years ago. When asked what insurance she had at the time, she indicated that she was on Medicare and Medicaid.  “Susan” (not real her real name) was very upset to learn that her information had been stolen, telling this reporter that she didn’t even use a computer and had no idea what to do now. Two hours later, she called this reporter back when her sister was with her so that this reporter could explain to the sister what had happened and what steps Susan might want to take to protect herself.

So the data look real, but some of it may be old. That’s not necessarily surprising, as many companies seem to be allergic to purging old data.

Curiously, TheDarkLord did not include any sample records that would indicate what other kinds of information are in the members’ records. It could be a database with just 9.3M records of the format provided in TheRealDeal listing, but it’s not clear yet whether there are other types of insurance records in the database that would list diagnoses, treatment codes, insurance account numbers, prescription information, and other data. DataBreaches.net did request additional records or information from TheDarkOverlord, but he would not provide additional details at this time unless he was paid for them, and that is not an option for this blogger. Hopefully, he’ll decide to reveal more.

But based on the sample records that were provided, DataBreaches.net reached out to one well-known insurer to ask them to confirm or deny that these were their data. They have yet to respond.

This post will be updated as more information becomes available.


Creative Commons Image Courtesy of: CheapFullCoverageAutoInsurance.com

Related Posts:

  • Anyone know what healthcare facilities these are?…
  • Another healthcare database hacked and put up for…
  • Healthcare Sector Under Attack? Yes.
  • More details emerge on hacked patient databases up for sale
  • Listing for sale of U.S. Education Department data…

Post navigation

← More details emerge on hacked patient databases up for sale
Hard Rock Las Vegas Reports Card Data Breach →

Sponsored or Paid Posts

This site doesn’t accept sponsored posts and doesn’t respond to requests about them.

Have a News Tip?

Email:

Breaches[at]Protonmail.ch
Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Telegram: @DissentDoe

Browse by News Section

Latest Posts

  • Cybersecurity: Federal Agencies Made Progress, but Need to Fully Implement Incident Response Requirements (GAO Report)
  • Hackers Exploited ColdFusion Vulnerability to Breach Federal Agency Servers
  • CBIZ KA Notice of Data Privacy Incident (Prime Healthcare)
  • Seeking clarification on Maine’s data breach notification statute
  • East River Medical Imaging notifies 605,809 patients of breach
  • Russian hackers exploiting Outlook bug to hijack Exchange accounts
  • Britain dismisses report claiming Sellafield nuclear site hacking, says no malware exists on our system
  • 23andMe data breach: Hackers accessed data of 6.9 million users

Please Donate

If you can, please donate XMR to our Monero wallet because the entities whose breaches we expose are definitely not supporting our work and are generally trying to chill our speech!

Donate- Scan QR Code   Donate!

Social Media

Find me on Infosec.Exchange.

I am also on Telegram @DissentDoe.

RSS

Grab the RSS Feed

Copyright

© 2009 – 2023, DataBreaches.net and DataBreaches LLC. All rights reserved.

HIGH PRAISE, INDEED!

“You translate “Nerd” into understandable “English” — Victor Gevers of GDI Foundation, talking about DataBreaches.net

©2023 DataBreaches.net