Just in:
China’s digital hub Hangzhou hosts conference on AI, OPC // Taiwan International Plant-Based Festival Launches in Singapore: High-End Culinary Partnerships and Diplomatic Exhibitions Shape Premium Agri-Product Branding // France and Oman press toll-free Hormuz passage // ClawHub breach exposes agent marketplace risk // Afogreen Build Highlights Growing Adoption of Building Performance Modelling in Australia’s Sustainability-Driven Construction Sector // OpenAI limits Sol launch amid cyber risks // Masdar starts Kazakh wind power push // Binzhou’s Leap from Manufacturing to Intelligent Manufacturing // Hawaii tests plastic waste in roads // Most UAE expats under-insured, reveals survey // Dubai advances Gold Line contractor race // Save the Children Hong Kong’s Play to Thrive: Prioritising Personal Growth Over Competitive Success // Bid To Rebuild Bengal To Its Old Glory Is Welcome, Though Difficult // PRHK 2026 Benchmark Report highlights how Hong Kong’s IPO revival, AI, and the GBA are reshaping the SAR’s PR industry // This summer will never stop us from our wellness routine // Tehran blocks French role in Hormuz clearance // Bracell Welcomes Fernando Branco’s Appointment to Lead ABAF and Reinforces Commitment to Sustainable Forestry Development in Bahia // World’s First Commercial Multimodal LLM for Cultural Tourism Enters Broad Application // DSQ Real Estate Highlights Post-Purchase Advisory as a Growing Need for Overseas Dubai Property Owners // Cheap RAT spreads through Telegram channels //

Medical data, cybercriminals' holy grail, now espionage target

An illustration picture shows a projection of binary code on a man holding a laptop computer, in an office in Warsaw June 24, 2013.

Reuters/Kacper Pempel/Files

ADVERTISEMENT

SINGAPORE Whoever was behind the latest theft of personal data from U.S. government computers, they appear to be following a new trend set by cybercriminals: targeting increasingly valuable medical records and personnel files.

This data, experts say, is worth a lot more to cybercriminals than, say, credit card information. And the Office of Personnel Management (OPM) breach revealed on Thursday suggests cyberspies may now also be finding value in it.

Cyber investigators from iSight Partners said they had linked the OPM hack to earlier thefts of healthcare records from Anthem Inc, a health insurance company, and Premera Blue Cross, a healthcare services provider. Tens of millions of records may have been lost in those attacks.

ADVERTISEMENT

All three breaches have one thing in common, said John Hultquist of Dallas-based iSight. While cyberespionage usually focuses on stealing commercial or government secrets, these attacks targeted personally identifiable information.

The stolen data “doesn’t appear to have been monetised and the actors seem to have connections to cyberespionage activity”, said Hultquist, adding that none of the data taken in the earlier attacks had turned up for sale on underground forums.

A source close the matter said U.S. authorities were looking into a possible China connection to the breach at OPM, which compromised the personal data of 4 million current and former federal employees.

Several U.S. states were already investigating a Chinese link to the Anthem attack in February, a person familiar with the matter has said.

China routinely denies involvement in hacking, and on Friday a spokesman for the Foreign Ministry in Beijing said suggestions it was involved in the OPM breach were “irresponsible and unscientific”.

Hultquist said iSight could not confirm that China was behind the attacks, but similar methods, servers and habits of the hackers pointed to a single state-sponsored group.

BLACK MARKET FLOODED

Security researchers say that medical data and personnel records have become more valuable to cybercriminals than credit card data.

The price of stolen credit cards has fallen in online black markets, in part because massive breaches have spiked supply.

“The market has been flooded,” said Ben Ransford, co-founder of security start-up Virta Laboratories.

The result: medical information can be worth 10 times as much as a credit card number.

Fraudsters use this data to create fake IDs to buy medical equipment or drugs that can be resold, or they combine a patient number with a false provider number and file made-up claims with insurers.

State-sponsored hackers may not be after money, but would also be interested in such data because they could then build a clearer picture of their target.

That, said Philip Lieberman of security software company Lieberman Software, would increase the chances of any targeted email attack, or spear phish, successfully obtaining confidential data.

Others said that, given the data affected included job histories, those targets might be in other government departments. “It’s likely this is less about money and more about gaining deeper access to other systems and agencies,” said Mark Bower of HP Security Voltage, a data security company.

This interest in more granular data is pushing hackers of all stripes into more inventive ways of penetrating the defences of hospitals and other institutions holding such data.

TrapX, a cybersecurity company, said it had discovered criminal gangs from Russia and China infecting medical devices such as X-Ray systems and blood gas analysers to find their way into servers from which they stole personnel and patient data.

Other security researchers agreed this kind of attack was becoming more common.

Billy Rios, founder of security company Laconicly, said he had found infected systems while working with several healthcare organisations. “Clinical software is riddled with security vulnerabilities,” he said.

A survey by think-tank the Ponemon Institute issued last month said that more than 90 percent of healthcare organisations surveyed had lost data, most of it to hackers.

“This is going to get worse before it gets better,” said Carl Wright, of TrapX, which discovered the breaches via medical devices.

(Editing by Alex Richardson)

This entry passed through the Full-Text RSS service – if this is your content and you’re reading it on someone else’s site, please read the FAQ at fivefilters.org/content-only/faq.php#publishers.



Notice an issue?

Arabian Post strives to deliver the most accurate and reliable information to its readers. If you believe you have identified an error or inconsistency in this article, please don't hesitate to contact our editorial team at editor[at]thearabianpost[dot]com. We are committed to promptly addressing any concerns and ensuring the highest level of journalistic integrity.


ADVERTISEMENT
Social Media Auto Publish Powered By : XYZScripts.com
Just in:
Cheap RAT spreads through Telegram channels // Payments giants back shared Open USD stablecoin // France and Oman press toll-free Hormuz passage // Tehran blocks French role in Hormuz clearance // China’s digital hub Hangzhou hosts conference on AI, OPC // Afogreen Build Highlights Growing Adoption of Building Performance Modelling in Australia’s Sustainability-Driven Construction Sector // Alibaba Cloud gains edge in agentic AI race // DSQ Real Estate Highlights Post-Purchase Advisory as a Growing Need for Overseas Dubai Property Owners // CG Capital, the Leader in Branded Residences in Thailand, Marks Milestone Success for InterContinental Residences Bangkok Asoke Amid Global Economic Uncertainty // XRG and Eni deepen Argentina LNG push // Save the Children Hong Kong’s Play to Thrive: Prioritising Personal Growth Over Competitive Success // 5 Law Firms Making a Difference in Cincinnati // Taiwan International Plant-Based Festival Launches in Singapore: High-End Culinary Partnerships and Diplomatic Exhibitions Shape Premium Agri-Product Branding // Binzhou’s Leap from Manufacturing to Intelligent Manufacturing // Bangladesh-China Joint Statement On Teesta Cooperation Poses A Big Challenge To India // Bracell Welcomes Fernando Branco’s Appointment to Lead ABAF and Reinforces Commitment to Sustainable Forestry Development in Bahia // World’s First Commercial Multimodal LLM for Cultural Tourism Enters Broad Application // PRHK 2026 Benchmark Report highlights how Hong Kong’s IPO revival, AI, and the GBA are reshaping the SAR’s PR industry // Masdar starts Kazakh wind power push // Bid To Rebuild Bengal To Its Old Glory Is Welcome, Though Difficult //