Stealing health records is more valuable than financial records since financial data becomes worthless immediately after the customer detects the fraud and cancels their card. Information contained in health records on the other hand, has a much longer life. Hackers can use it for identity theft since the extensive data contained in health records including Social Security numbers cannot be easily cancelled. In addition, healthcare breaches are not typically discovered through black market sales since health records are not sold outright, but rather used to buy and sell addictive prescriptions.
Excellus Blue Cross Blue Shield is the latest healthcare company to discover a data breach affecting as many as 10 million individuals. According to the FBI, criminals can sell healthcare information for as much as $50 per record, which means the Excellus breach could easily translate to $500 million worth of information. Excellus only discovered the compromise because it asked for a network assessment after seeing reports of data breaches at other BCBS providers most notably the recent Anthem breach. More breach disclosures are likely to occur as organizations start taking a more comprehensive look at their security. Many experts believe the healthcare breaches are not the work of typical cyber crime gangs but of state-sponsored, well-funded groups. Healthcare payers and providers effected by these hackers are simply not prepared nor are they able to identify when hackers do breach data houses.
To read more from our staff click here
To read more from Info World click here