Hackers Are Selling Patient Data for as Little as $1 on Dark Web

On the dark web, Social Security numbers are sold for approximately $1 while credit card information is priced at about $110.

Hackers Are Selling Patient Data for as Little as $1 on Dark Web

Each investigation conducted by the Department of Health and Human Services' office of inspector involves the use of medical data to steal identities.

As medical records become digitized, hackers are stealing patient data and selling it on the dark web, making identity theft easy and relatively cheap.

Gary Cantrell, head of investigations at the Department of Health and Human Services’ office of inspector general, told CBS News that hackers want people’s medical records as they contain “a treasure trove” of personal information.

“Every one of our investigations involves the use of medical data to commit this fraud,” Cantrell said.

Last year, the agency handled almost 400 reports of medical data breaches – some of which ends up being sold on the dark web.

“Sometimes they’re compromising this data and we don’t know how it’s being used, when or if it will be used to compromise those individuals’ identities,” Cantrell said.

Social Security numbers sell for approximately $1 on the dark web while credit card information goes for around $110. Full medical records can be sold for upwards of $1,000 as they contain date of birth, place of birth, credit card details, SSN, home address and email.

Gary Miliefsky, executive producer of Cyber Defense Magazine, says it takes him just seconds to search for purchasable medical records on the dark web.

“They want to monetize these records quickly, and they’re actually offering them at a discount compared to other prices I’ve seen on the dark web,” he said.

Protenus, a firm that provides data protection for healthcare facilities, says there were 222 hacking incidents last year – up almost 25 percent from 2017.

A 2017 survey also found that only 16 percent of healthcare providers have a fully functional cybersecurity program, according to WFMY.

“One of our most important missions is to mitigate that vulnerability as quickly as possible. And that means communicating with those individuals who oversee the systems,” Cantrell said.

To protect yourself, experts say to request a copy of your medical files now to clear up any potential confusion if your records are altered due to medical identity theft.

It is also recommended that you freeze your credit. Freezing your credit allows you to still use your credit cards while “keeping the bad guys out.” When you have to apply for a loan or a new credit card, you just unfreeze your credit. Here’s some info on how you can do that.

If you appreciated this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

About the Author


Amy is Campus Safety’s Executive Editor. Prior to joining the editorial team in 2017, she worked in both events and digital marketing.

Amy has many close relatives and friends who are teachers, motivating her to learn and share as much as she can about campus security. She has a minor in education and has worked with children in several capacities, further deepening her passion for keeping students safe.

Leading in Turbulent Times: Effective Campus Public Safety Leadership for the 21st Century

This new webcast will discuss how campus public safety leaders can effectively incorporate Clery Act, Title IX, customer service, “helicopter” parents, emergency notification, town-gown relationships, brand management, Greek Life, student recruitment, faculty, and more into their roles and develop the necessary skills to successfully lead their departments. Register today to attend this free webcast!

Leave a Reply

Your email address will not be published. Required fields are marked *

Get Our Newsletters
Campus Safety HQ