Medical information is now worth up to 10 times the price of credit card details on online black markets, due to weak healthcare security and a thriving black market in data to be used for medical frauds, according to a report by news agency Reuters.
On online black markets, patient data can fetch $10 per patient, around 10 times the value of a U.S. credit card number, according to healthcare fraud experts.
Criminals are increasingly targeting healthcare information rather than credit card data, as healthcare companies often rely on aging, poorly protected computer systems, and the data is easier to access.
Interviews with experts in the field found that a thriving underground market has grown up around such thefts, with criminals buying patient data to fraudulently buy equipment and drugs which can then be sold, or to file made-up claims with insurers, according to Yahoo News.
Healthcare security: Market for fraud
In an in-depth blog post on the issues of healthcare data and privacy, ESET’s Stephen Cobb says, “Let’s start with some relatively clinical facts, like 24,800. That is the average number of Americans who, by my calculation, had their Protected Health Information (PHI) exposed, per day, in 2013.”
The Daily Mail says that last month, the FBI warned healthcare security providers to be on their guard against cyber attacks.
"The FBI has observed malicious actors targeting healthcare related systems, perhaps for the purpose of obtaining Protected Healthcare Information (PHI) and/or Personally Identifiable Information (PII)," the agency warned.
Unlike credit card theft, the misuse of patient data is often not immediately identified by healthcare providers, which can offer cybercriminals extended periods in which to misuse stolen credentials, Reuters reports.
Attacks increasing
In a March 2014 report, the Ponemon Institute said that attacks on healthcare security systems were increasing in frequency. .
“Criminal attacks on healthcare systems have risen a startling 100 percent since we first conducted the study in 2010,” the Institute warned.