Healthcare professionals are some of the most vulnerable targets. Not so long ago, one of the largest batch of data containing just over 9.2 million health insurance reco

How Hackers Can Exploit Medical Information

A cybersecurity breach in any industry is a serious matter. Healthcare professionals are some of the most vulnerable targets. Not so long ago, one of the largest batches of data containing just over 9.2 million health insurance records was offered for sale on the dark web – a huge blow for PHI. How sure are you about your records not being compromised?

Data breaches and Dark Web sales are a big worry not just because of HIPAA compliance. The most profitable offering on the illegally obtained records market is healthcare provider data which can be used to forge a provider’s medical background. It is extremely alarming, considering the damage which could take place when someone fraudulently poses as a medical professional.

The data that can be obtained on the dark web for approximately $500 per listing may include not just patient data, but also providers and their employee’s records,  including their medical diplomas,  doctor and DEA licenses, and official insurance documents.

Why Healthcare providers are highly prized by Cybercriminals?

Exploiting breached data goes beyond patient private information: access to provider’s data allows cybercriminals to abuse data to grant them access to unauthorized resources, such as data, money, and drugs.


  • Abuse of Healthcare Provider’s Identity

A cybercriminal compromises the corporate network of a medical provider to find administrative data that would support a forged identity of a healthcare provider. The hacker then sells that data to a dark web buyer or a middle-man who then resells it to the end buyer for a profit but at a price where other people willing to buy data can afford it.

Cybercriminals can then use an authorized healthcare provider’s identity to access more data banks, and perform other criminal activities, such as submitting claims to Insurance or Medicare and collect money “on their behalf”.

  • Abuse of Patient’s Insurance Coverage

A hacker who compromised a web server or credential database can quickly mass-change passwords and sell data to a buyer for a low price, even after the compromise is discovered. The buyer can then access actual medical insurance information. Further, the data can possibly be used to forged claims, request procedures, and manipulate other types of information. The buyer can then use fraudulent medical information to get services with the fake identity at the cost of the victim patient.

  • Access to Prescription Labels and Drugs

Faked prescription labels and sales receipts and forged, stolen, or scanned insurance and prescription coverage cards are a gold mine for those cybercriminal to gain access to otherwise unauthorized prescription drugs, labels, and prescription forms.

Managed Security Services for Healthcare Providers

tech support for medical office new jersey HIPAA certified

With properly managed network for your medical practice, your providers and your staff can look after and help your patients better. With secure network, you can take better care of your data, your reputation, and your practice.

Reliable IT support is critical for maintaining a healthy, stable computing environment, as well as for keeping up with your IT requirements as your practice grows. Our healthcare industry expertise and experience with HIPAA compliance and various EHR software gives us the leading edge to service your IT needs, from initial computer systems and servers installation to a full range of network services and tech support options.

Give us a call now at (855) 551-7760 to schedule a free consultation about our Medical Practice IT Services and Managed Security Services for Healthcare Practitioners.

How is your state of IT? Call Us: (855) 551-7760 with any questions.