Attackers claim the leaked details include everything from medical practitioners' names to home addresses. The Cybernews research team believes that the data could have come from a third-party service provider breach.

The post was uploaded to a popular data leak forum, which is utilized to share stolen data. The attackers didn’t specify where exactly they got the data from, yet they claim it includes information on 433,000 medical practitioners based in the US.

The Cybernews research team looked into the data sample that the attacker provided and concluded that the information includes a mix of personal and work accounts. The types of data included suggest that the information was either collated from several data breaches or taken from a specific third-party service provider that was hacked.

Attackers' post on a data leak forum. Image by Cybernews.

“Some of the emails haven’t appeared in data breaches, which further adds to the idea that the data could come from different sources, or the breach isn’t yet publicly known,” our team explained.

The database supposedly includes a trove of sensitive personal information about doctors, surgeons, and healthcare professionals, including:

Full names

Phone numbers

Titles

Specialties

Hospitals

Emails

Addresses

Other data

The team noticed that the post’s author has previously posted similar databases organized by location, industry, and number of leaked details.

“In other words, the post’s author may collect the data from many different sources and is being mysterious about what they are,” the team explained.

Meanwhile, malicious actors can exploit the leaked details in numerous nefarious ways. The most obvious one is identity theft, where attackers impersonate individuals to set up fraudulent accounts.

However, since the leaked data reveals information about a specific category of people, cybercrooks are more likely to use the information for targeted phishing campaigns. In these cases, attackers craft tailor-made messages containing information that appeals, for example, to medical practitioners.

The key aim for attackers is to get their victims to reveal more personal information or trick them into downloading malware.

Healthcare data is among the most valuable prizes on the cybercriminal underground because it often enables criminals to file fraudulent medical claims, resulting in the illicit purchase of prescription drugs.

Additionally, attackers target medical staff with malware, as it could enable ransomware attacks against healthcare providers. Ransomware gangs focus on hospitals because such organizations cannot afford downtime and, in the eyes of the attackers, are more likely to pay a ransom.