New Breach: Healthcare Insurer Database Of 9.3M Records Being Sold

Only 2 days ago we reported about 655000 Healthcare Records (Patients) Being Sold,by an anonymous hacker on TheRealDeal market, at that time the hacker called thedarkoverlord (trdealmgn4uvm42g.onion/profile/32184) promised that we should expect more – and soon after, he delivered in the form of a new sale of hacked Healthcare Insurance Database containing no less than 9,300,000 patients records from United States:

The hacker stated on the sale page:

This product is an extremely large database in plaintext from a large insurance healthcare organization in the United States. It was retrieved using a 0day within the RDP protocol that gave direct access to this sensitive information.

The info contained in the database includes: Firstname,Lastname,Address1,City,State,Zip,Email,HomePhone,CellPhone,DOB,SSN

The database is being sold for 750BTC – the which is around 485,000$ at this time.

Dissent Doe, a security researcher reported on her blog that she managed to verify that the data was real by calling on of the persons from the DB, using some sample listings provided to her by thedarkoverlord, and concluded:

So the data look real, but some of it may be old. That’s not necessarily surprising, as many companies seem to be allergic to purging old data.

The hacker added in an encrypted chat with DeepDotWeb:

This hacked was done using Same RDP 0day from the previous released DB’s

He also said that the info is recent although some portions of it are indeed old.  When asked if he tried contacting the company he replied:

Contact was attempted with the victim organization. However, they declined to respond. The attempt was made with each of their board of director members

And also added:

Why not just pay? Money makes it all go away and it is a modest cost compared to the total financial damage you will suffer if you do not pay to keep it from getting leaked.

When asked if we should expect more leaks of personal info from the healthcare system, he replied:

We are just getting started!

We will keep following and updating, and can’t help wondering if those breached companies are being held accountable in anyway for not putting enough of their huge profits into protecting their most precious and private data.