Hacker sells medical databases of American patients

A hacker offers the data of a total of approximately 655,000 patients on an underground marketplace. It concerns three databases, which the hacker is said to have obtained through an exploit in the way medical organizations use RDP.

Under the pseudonym thedarkoverlord, the hacker offers three databases on the underground marketplace The Real Deal. He has provided screenshots of his hack to Deep Dot Web, as proof of its authenticity. The three databases of unnamed US organizations were obtained through a vulnerability related to “how companies use the remote desktop protocol”. “It’s a very specific bug. The circumstances have to be very precise,” the thedarkoverlord said, without giving more details about the exploit.

The databases contain usernames and passwords in plain text, as well as addresses, telephone numbers, dates of birth and social security numbers. One of the three databases, with 396,458 entries, also contains the insurers of the patients. The screenshots also show that he had access to medication use. The hacker claims that the databases have not yet appeared elsewhere on the internet and that the buyers will receive them exclusively. At the time of writing, thedarkoverlord charges 60, 170 and 300 bitcoins separately for the three databases, which is approximately EUR 34,700, 98,300 and 173,500 respectively. Vice and Deep Dot Web quote different amounts, prices seem to fluctuate.

According to Vice, the hacker simultaneously demanded a ransom from the organizations. The hacker claims that it is a “modest amount compared to the damage that the organizations would suffer if a publication were to be published.”