An individual or individuals offering more than six hundred thousand clinical records and related documentation on the deep web says that he acquired those files after discovering a weakness in the way businesses implement remote desktop functionality.
The hacker, also known as The Dark Over Lord, says that various reputable healthcare institutions were infiltrated, and that a list containing information on hundreds of thousands of patients was taken from each of these organizations.
According to the hacker, one list of more than forty thousand patients was found in plain text; it was obtained via a Microsoft Access database and involved simple usernames and passwords. The remaining lists contained more details than the first; covering more than six hundred thousand patients, they were found at an institution based in the central United States. The other organization is based in the southeastern part of the United States. Both remaining lists were also found in plain text, and a misconfiguration of the networks allowed the access.
Furthermore, after exploiting the database and informing the companies that their systems were vulnerable, the hacker asked if they would pay him for finding the vulnerabilities, which they refused. As a result, the individual is offering the data at a high price; the listings vary in cost, starting from 151 BTC, roughly $100,421.04 (as of 21st July), to 607 BTC, roughly $403,679.28 (as of 21st July). Prices may vary depending upon the exchange rates.
The data is available for purchase on The Real Deal website, the same place where login credentials for MySpace and Vkontakte were sold. The Dark Over Lord says that they have been offered some hefty prices, selling data worth more than a hundred thousand dollars. One chunk of information that was sold came from an organization belonging to Blue Cross Blue Shield.
However, a few months ago, hackers aimed their talents at corporate systems running remote desktop protocols. After discovering such systems, they brute-forced the machines that used weak passwords in order to distribute the Bucbi ransomware (part of the Trojan family, with the ability to destroy the operating system as well as the hardware itself), which was there solely to collect debit or credit card information.
The strategies used by this hacker can serve as a model for the future of ransomware and other developments in hybrid Trojans. The attacker reduces the target's options by not allowing them to simply restore their files from an available backup copy of the data. Naturally, this pushes the victim toward paying in order to recover their important data and keep their information from being leaked online. For companies, this can lead to the murky waters of lawsuits and a discredited reputation.