Health Records contain lots of information that is exciting to a hacker. Your health record contains information from your name, address, birthdate, social security number, email, personal health information, possibly even your credit card. They contain information about your spouse and we all supply at least a name and contact info for an emergency contact. There is a lot of good stuff in there when you look at it from a bad guy perspective!
According to the Ponemon Institute, health records are sold for as much as $363 per record. A small breach of only 1,000 records is a decent sized payoff for these hackers! The security company RedJack found a set of Medicare ID numbers for 10 beneficiaries online being sold for about $4,700!
While banks and credit card companies can simply cancel a card or set up a new accounts. Hospitals and other medical organizations don’t have a simple process for fixing lost patient data. One simply cannot get a new social security number or change their birthday. “Unlike credit card numbers, healthcare information is non recoverable, and potentially lethal in the wrong hands” Robert Hansen, the vice president of WhiteHat Security, told the Christian Science Monitor.
Hackers sometimes simply want your medical records for all of that juicy personal data but their are some who steal records to use a person’s health insurance information to obtain fraudulent or fake medical claims.
According to the Ponemon Institute, Healthcare organizations experience, on average, a cyber attack almost monthly (11.4 attacks on average per year) as well as the loss or exposure of sensitive and confidential patient information. However, 13 percent are unsure how many cyber attacks they have endured. Almost half of respondents (48 percent) say their organization experienced an incident involving the loss or exposure of patient information in the past 12 months. As a consequence, many patients are at risk for medical identity theft.
