10 Million Health Records Breached: Why Do Cyber Criminals Target Medical Files?

by NewsEditor_ on September 11th, 2015 in Industry and Security News.

A data breach at health insurance provider Excellus BlueCross BlueShield has exposed 10 million patient records. According to Wired, “Excellus has revealed that in August of this year it discovered a nearly 2-year old intrusion campaign in its network that gave hackers access to potentially all its customers’ records.” The breach follows several similar attacks this past year, including an attack against CareFirst insurance affecting 1.1 million customers and another attack against Anthem insurance wherein cyber criminals accessed 80 million health records.

The medical industry has become a prominent target for cyber criminals because of the large volumes of valuable data that can be extracted in a single breach, including birth dates and Social Security numbers which may be repurposed for identity theft. Additionally, the industry’s reliance on outdated computer systems makes it more vulnerable than other industries such as banking. 

There is also a lack of oversight for insurance fraud as opposed to the many safety provisions in place to prevent banking or credit fraud. Criminals committing insurance fraud can remain undetected for significantly longer periods of time than those who attempt to use fraudulent credit information. According to Reuters, “Stolen health credentials can go for $10 each, about 10 or 20 times the value of a U.S. credit card number.” A study from the Ponemon Institute, a research center dedicated to data protection, found that “victims of medical identity theft can suffer significant financial consequences. Sixty-five percent of medical identity theft victims in our study had to pay an average of $13,500 to resolve the crime.” 

Patients can protect themselves by safeguarding their credentials, monitoring their healthcare records and regularly reviewing insurance statements for potential signs of fraudulent activity. According to the Reuters story, “one patient learned that his records at a major hospital chain were compromised after he started receiving bills related to a heart procedure he had not undergone. The man's credentials were also used to buy a mobility scooter and several pieces of medical equipment, racking up tens of thousands of dollars in total fraud.”

No votes yet

Facebook Comments Box


Our best antivirus yet!

Fresh new look. Faster scanning. Better protection.

Enjoy unique new features, lightning fast scans and a simple yet beautiful new look in our best antivirus yet!

For a quicker, lighter and more secure experience, download the all new adaware antivirus 12 now!

Download adaware antivirus 12
No thanks, continue to lavasoft.com
close x

Discover the new adaware antivirus 12

Our best antivirus yet

Download Now