Healthcare hack
Hacker listed 9.2 million records on a dark web-based marketplace for 750 bitcoin (£368,000)iStock/EverythingPossible

A hacker claiming to have broken into multiple healthcare databases across America has listed a fresh trove of 9.2m records on a Dark Web-based marketplace for 750 bitcoin (£368,000).

The vendor, using the pseudonym 'The Dark Overlord', claims the plaintext 2GB database includes names, addresses, emails, phone numbers, date of births and Social Security Numbers (SSNs) belonging to 9,278,352 Americans.

The hacker, who is attempting to shift the product on a popular underground shop called The Real Deal, said the data was compromised by exploiting a so-called '0-day' vulnerability with remote desktop protocol (RDP).

On The Real Deal, the hacker said: "This product is an extremely large database in plaintext from a large insurance healthcare organisation in the United States. Ownership of this database will be exclusive and only a single copy will be sold.

"This has not been leaked anywhere and it has not yet been abused. If you are interested in purchasing this database and would like to make an offer other than what is listed, send a PM [private message]. Only serious offers will be entertained."

IBTimes UK has not verified the authenticity of the database. Unlike other sellers on the black market website – which regularly trades in stolen information, drugs and exploit code – 'The Dark Overlord' has garnered no 'positive feedback' which indicates he or she is a fresh seller.


healthcare hack
Screenshot: The Real Deal marketplaceScreenshot/The Real Deal

The release comes only 24 hours after the same vendor listed over three databases containing over 650,000 healthcare records for sale on the same website. As previously reported, this information also purported to contain full names, social security numbers, addresses, date of birth data and insurance information.

The Dark Overlord said the information was stolen from three different US healthcare organisations – located in Farmington, Missouri (48,000 records), central/Midwest US (210,000 records) and Atlanta, Georgia (397,000 records). While each cache of data was priced differently, the hacker was asking for a total amount of over $700,000 (£523,000) for the records in total.

In the latest case, it remains unknown where the information was stolen from. Last year, in what is considered one of the most notable healthcare breaches, US insurer Anthem as hit with a cyberattack that compromised records from around 80m citizens.