Personal health data three times more valuable to hackers than credit card info

10 Jun 2019


A new report from a global cybersecurity company has found that healthcare organisations are being inundated with cyberattacks.

As the rate of cyberattacks and leaks of personal information appears to be increasing exponentially, a new report published by Carbon Black has shone a bright and worrying spotlight on what is happening to our personal health information (PHI).

The survey, involving 20 of the healthcare industry’s leading chief information security officers, looked at how cyberattacks against healthcare organisations have evolved over the past year. It found that now more than ever, they are being targeted because of how lucrative PHI is compared to other personal identifying information (PII), such as addresses or credit card numbers.

In fact, the report said that PHI is worth three times more than PII due to the fact that this information is hardcoded within us and can never change, meaning health issues can be used by nation states or cybercriminal groups as a method of extortion or compromise.

Carbon Black also went into detail on how your medical information can be monetised. One example is a hacker obtaining online documents to forge a doctor’s identity. This is then sold to an intermediary, who will then sell it to the highest bidder on the ‘dark web’. The buyer, posing as the forged doctor identity, can then submit claims to medical insurance companies to obtain expensive medication or advanced surgical procedures.

Toying with people’s lives

Other general findings of the report showed that 66pc of healthcare organisations said cyberattacks had become more sophisticated in the past year, with the same percentage saying they were targeted by various ransomware attacks.

The most prevalent form of ransomware found by healthcare companies in 2018 was Kryptik, followed by GenKryptik and RansomKD. Within healthcare, ransomware can be particularly dangerous given that a total shutdown of services could impact a patient’s health.

“When forced to decide between paying a ransom or being unable to access critical patient files, the healthcare provider has no choice,” the report said. “They have to pay, lest a patient potentially incur great harm or loss of life.”

Such an attack was seen in 2017 when the HSE closed its servers to the outside world after it fell victim to the hugely damaging WannaCry ransomware attacks seen globally.

Looking to preventative measures, Carbon Black said that in healthcare, “prevention often stands to be the best cure”.

It added: “Regular education of employees, greater awareness of modern threats and the prospect of building out larger threat-hunting teams can all go a long way in helping to curb attacks.”

Colm Gorey was a senior journalist with Silicon Republic
