Healthcare Hacker Goes Extorting after Claiming Theft of 10 Million Records



A hacker who claims to have stolen 10 million patient records before putting them up for sale on the black market is also trying to extort healthcare providers, stating that he won’t sell the stolen records if they pay a ransom.

A hacker who goes by the moniker ‘TheDarkOverlord’, whose claim to infamy is stealing 10 million patient records and putting them up for sale on the dark market, is also trying to extort the healthcare providers he stole the data from.

If the providers pay up, the hacker is assuring them that he or she won’t sell the data on the black market. In an interview with PCWorld, at least one healthcare provider has refused to give in so far. To burden the victims and the providers further, the hacker claims to have called some of the affected patients to warn them that their records will be leaked if the provider doesn’t pay the ransom.

In an encrypted chat, the hacker revealed his threat to victims:

How upset would you be if your provider failed to protect your sensitive healthcare information?

The hacker claims to have stolen information such as social security numbers, phone numbers and addresses of millions of patients in the United States, all of which can be used for identity theft. The hacker has even set up a Twitter account, where he has already started naming and exposing several healthcare providers. The records are also being sold in several batches on the black market, one of which fetches over half a million dollars ($537,000 in bitcoin). That particular package contains the licensing database, signing keys and even the source code of a provider of healthcare software.

An independent security firm, InfoArmor, investigated the breaches and confirmed that the stolen data is indeed real. Among the hacker’s targets were healthcare providers’ remote administration channels. The hacker may have even siphoned off data from X-ray and MRI machines, the security firm confirmed.

InfoArmor has also advised healthcare providers not to pay the ransom, noting that the hacker could trick them or demand a further payment in the future.
