The hacker is asking over $700,000 for all of the data

Jun 27, 2016 00:35 GMT  ·  By

A hacker who goes by the name of TheDarkOverlord has put up for sale on the Dark Web three databases stolen from three healthcare institutions in the US.

The hacker is selling the data on The Real Deal marketplace, and he says he breached these companies using an RDP (Remote Desktop Protocol) bug.

TheDarkOverlord has told DeepDotWeb, which first spotted the ads, that it's "a very particular bug. The conditions have to be very precise for it."

He has also provided a series of screenshots as proof, showing him accessing the hacked systems via a Remote Desktop connection.

The hacker also recalls that, before putting the data on the Dark Web, he contacted the companies and informed them of their problems, offering to disclose the bug for a price, in a tactic known as bug poaching.

Obviously, all three companies declined, so here we are, with their data available on the Dark Web. TheDarkOverlord says that all databases are a one-time sale, meaning only one buyer can get their hands on the stolen data.

Healthcare Database from Farmington, Missouri, United States

This is the smallest database of the three and contains exactly 47,864 records. Currently, the hacker is asking for 158.68 Bitcoin (~$101,000).

TheDarkOverlord explains that all the data is in plaintext and was retrieved from a Microsoft Access database residing in the organization's internal network.

He claims the following patient details are included in the database: first name, middle name, last name, address, city, state, ZIP, Social Security number, date of birth, gender, email address, various phone numbers, and more.

Details about Healthcare Database from Central/Midwest United States

The second database also contains plaintext data, and the hacker adds it was retrieved from a severely misconfigured network using readily available plaintext usernames and passwords.

The hacker is asking for 317.38 Bitcoin (~$202,000) for this database and says the exact number of patient records is 207,572.

He claims the following patient details are included in the database: Social Security number, first name, middle name, last name, gender, date of birth, and address.

Details about Healthcare Database from Atlanta, Georgia, United States

The biggest database contains 396,458 patient records, and the hacker is asking for a whopping 634.73 Bitcoin (~$405,000).

He states the following patient details are included in the database: health insurance details (primary, secondary, policy IDs), patient's address, date of birth, age, phone number, email address, gender, Social Security number, state, ZIP, race, and more.

TheDarkOverlord goes on to say that this database was stored in plaintext as well, and he got hold of it from an accessible internal network using readily available plaintext usernames and passwords.

Justin Shafer, a security researcher who specializes in the healthcare industry, believes that this latter database belongs to the Athens Orthopedic Clinic.
