Cybercriminals increasingly are using stolen medical records for other types of identity theft beyond health-care fraud, including filing fraudulent tax returns.
Last year, almost 100 million health-care records were compromised, making them a hacker’s No. 1 target, according to a report by IBM. Now, hackers have realized “you can use those profiles for normal fraud stuff,” wrote one seller of medical records on a website shown to CNBC by IBM.
Hackers sell the medical records to other criminals on the so-called dark Web, a portion of the Internet not indexed by search engines. In order to access these websites, you need to download a special browser.
Cashing in on medical breaches
Health-care records fetch higher prices, as much as 60 times that of stolen credit card data, because they contain much more information a cybercriminal can use.
“Criminals want what they refer to as fulls, full information about their victim. Name, birth date, Social Security number, address, anything they can learn about their victim. All that information is in your health-care records,” said Etay Maor, an executive security advisor at IBM Security.
Part of the reason for the higher prices is that while credit card numbers can change, your Social Security number generally stays the same.
“As long as entities use Social Security numbers to authenticate you, the criminals will have a record that is never-ending,” said Maor.
Click here to read the full article and watch the newscast video.
March 11, 2016 By Jennifer Schlesinger and Andrea Day, CNBC