Cybercriminals exploit patient data for profit

The May report from RSA says that this is especially true of cybercriminals trawling for pharmaceutical data to exploit it in order to order prescriptions at multiple pharmacies – and then attempt to resell the medicine online.

Delving into the report reveals that, to date, the RSA Anti-Fraud Command Centre has exceeded the 300 000 mark in the number of online attacks it has shut down – a total of 302 267 attacks.

In April, the number of phishing attacks identified by RSA increased by 3%. The study also shows that 85% of the worldwide phishing attacks identified by RSA in April were hosted in the US, South Korea, China, Australia and Canada.

In addition, the study notes that the UK held a 3.5% margin among the top ten countries affected by phishing attacks – falling to number eight from number one last month.

Citing a recent report from Javelin Strategy & Research, RSA says there are many startling findings to support the assertion that fraud resulting from the exposure of medical records and personal health information is a booming business for cybercriminals.

"In the report, Javelin noted that fraud resulting from exposure of health data increased from 3% in 2008 to 7% in 2009. In addition, their study showed that criminals were able to exploit information from medical records to commit fraud for four times longer as compared to other types of identity theft", said the RSA report.

RSA claims that the demand for personal information in the underground continues to rise. By buying credit card details, a fraudster is restricted to the types of fraud he can commit.

"With access to full information profiles, the types of fraud that can be committed using a person's identity are limitless. This is one of the reasons why healthcare organisations are a favoured target for data breaches among cybercriminals", notes the study.

"The issue of cybercrime in the healthcare industry is not just targetted at stealing consumer data to commit identity theft, nor is it targetted at a specific type of healthcare organisation. Cybercriminals are targetting the whole spectrum – from healthcare providers and insurers to pharmaceutical manufacturers and distributors", the report adds.

What’s Hot on Infosecurity Magazine?