Intel gives an example of how easy it is to start hacking healthcare organizations and make money. A relatively non-technical thief can buy tools to start hacking, use them with a little free technical support, and extract 1000 records that can net about $15,500
An Intel Security report was issued that warned hackers are creating new ways to cash in on the information they’re stealing. According to A McAfee Labs, in their research report, “The Hidden Data Economy”, researchers knew that medical data was being stolen but had not seen it in the “dark markets” where data is traded. Intel Security, which now owns McAfee,then continued investigating the market for healthcare records.
“Indeed, the nonperishable nature of medical records makes them particularly valuable”.
Intel pointed out “we discovered dark web vendors offering for sale huge dumps of stolen medical data. In some instances, its availability was highly publicized.”
“We now see cybercrime-as-a- service operating in the healthcare sector, with evidence that vulnerabilities are being sold and organizations are being compromised as a service” according to Intel researchers.
Their report goes on to state:
One hacker stole insurance records and found a buyer that wanted all of it, an effort that netted $100000. This hacker has a good reputation with positive feedback from 15 interactions, Intel found. The seller even boasts of his hacking accomplishments on social media.
Some sellers of stolen health information take advantage of parallel markets to increase profits, according to Intel. One hacker sold 40,000 medical records but removed the financial data which was sold separately.
A seller offered a database containing the medical data of 397,000 patients with screenshots showing names, addresses, birth dtes and primary and secondary insurers. The stolen plain text database, from an Atlanta-based provider, was more than 200 MB in size. “Ownership of this database will be exclusive and only a single copy will be sold” according to the seller. “This has not been leaked anywhere and it has not yet been abused.” This seller also was offering a database from a provider in Farmington, Mo, covering 48000 patients and a database holding information on 210000 patients from Oklahoma City, with screenshots proving the databases were legitimate.
In 2014m I posted: https://themedicalstrategist.com/blog/websites/health-it-and-your-health-information-aired-in-public-your-nightmares-realized/
Here I presented the question of health information security and its availability to those interested in breaking into the system.
“Your private data was ripe for the picking to all hackers- a veritable wet dream!”
Now it seems that our fears have come to fruition.
Our healthcare system was primed for hackers as I warned back in May. 2009. Check out https://themedicalstrategist.com/blog/uncategorized/big-brother-crept-into-your-room-last-night/
Here I presented my theory of CHAOS (change of operating systems).
“Recognizing that CHAOS is expensive, the government is making money available for the electronic conversions. But if the office takes the allocated funds, the government is allowed to review your record…any and all of it! The privacy laws don’t apply! Rational by the government is that they want to review data for current practices and treatments. Why, you ask? Or better yet…Why YOU SHOULD ASK? This is a first step for state control of healthcare in the future. Will “they” decide what treatment options you must get for your symptoms based solely on cost as opposed to what works best? Will “they” forbid your physicians from telling you what better options are available because it is not the one that “they” want to pay for?”
And What About the Hackers?
“The system also opens itself open to identify theft on a massive scale that the world has never seen. Nor will be able to control! In the fervor to welcome affordable healthcare for all, has everyone really looked at what is happening and thought of the consequences?
Solution for some
Back in 5/05/09, I published https://themedicalstrategist.com/blog/health/how-to-avoid-big-brother/
An explanation for the rise in complementary medicine (CAMS) in the alternative care community was:
- Awareness of therapies available
- Licensure of alternative therapies by states
- Cost is less than conventional care
I suggest that there are three very valid different reasons that people are seeking alternative care therapies.
- The first is that the government ( and specifically the IRS) do not have access to your personal information and therapy (since practitioners of alternative therapy are not mandated to have EMRs) the way that traditional physicians do
- The government or bureaucracy does not have a say in the ideal treatment options
- These practitioners can spend more time and give more personalized care.
If you are using the care of any number of alternative therapies by nontraditional healthcare providers (and especially if you are not using insurance), then you are totally flying under the radar.
This low profile may be where you would like to dwell in the future.