Medical Records Hacking Is Sickening

Give a voice to the voiceless!

Did you know that your medical records are worth more to hackers than your bank info? Unlike bank fraud, medical bill fraud can take months to detect.
Did you know that your medical records are worth more to hackers than your bank info? Unlike bank fraud, medical bill fraud can take months to detect.

Psst! Hey, you, yeah, you? Wanna buy some guy’s credit card numbers, just a buck. What? You want his medical records? That’ll cost you $10.

Yes, believe it or not, your medical records are worth 10 times what your banking information is in the black market part of cyberspace. How do I know? I could tell you but I’d have to kill you. Just kidding. Reuters says so.

At first, it just doesn’t sound right. After all, people have been robbing banks for as long as banks have existed. Who would want to steal your medical records?

“The only reason to buy that data is so they can fraudulently bill,” Marc Probst, chief information officer of Intermountain Healthcare in Salt Lake City, told Reuters.

You see, when hackers have your bank account information, they can (and do) siphon funds out of your accounts, and they can take out loans in your name. It can run to the tens thousands. With false medical billing, it can approach the millions. One of the main reasons? Bank fraud is spotted much more quickly. Many whose medical records are hacked don’t notice for months. That means that unlike a bank that will cancel a card at the drop of a hat, medical information has a longer shelf life.

“The kind of identity theft that is on the table here is qualitatively and quantitatively different than what is typically possible when you lose your credit card or Social Security number,” said Pam Dixon, executive director of the World Privacy Forum.

With your medical records, cyberthieves can bill insurers for expensive treatments that never happen, they can get access to prescription drugs, and they can purchase medical equipment for resale without footing the bill themselves. The Medical Identity Fraud Alliance figures fraud cost America’s medical program for the elderly and disabled more than $6 billion in the last two years.

Read more: Interview with a Hacker Part I: Hacking Human Resources Is a Thing

In a rather typical 2013 case, a patient learned that his records at a major hospital chain were compromised after he started receiving bills related to a heart procedure he had not undergone. His credentials were also used to buy a mobility scooter and several pieces of medical equipment, racking up tens of thousands of dollars in total fraud. It can cost as much as $13,500 to fix things.

Worse, healthcare computer systems are among the easiest to break into. “Healthcare providers and hospitals are just some of the easiest networks to break into,” said Jeff Horne, vice president at cybersecurity firm Accuvant, which is majority-owned by private equity firm Blackstone Group. “When I’ve looked at hospitals, and when I’ve talked to other people inside of a breach, they are using very old legacy systems — Windows systems that are 10 plus years old that have not seen a patch.”

Well, if you were a hospital administrator, how would you spend the money? A new computer network or two new kidney machines?

But the real scary part of this comes when you are in a medical crisis and you get to the emergency room only to discover that loads of prescription drugs you don’t take have been prescribed for you. In the middle of a heart attack, are you going to argue with the ER doctor that you don’t take X, Y and Z? And if you do, is he going to risk his license by listening to you? If you are a teetotaler and need a new liver, how will the organ donor committee view a prescription for Antabuse, which is given to alcoholics to make them sick when they drink booze as a deterrent, that turned up in your history?

James Christiansen, vice president of Accuvant, suggested a few things you can to do protect yourself: “Review your medical records and Explanation of Benefits frequently for anomalies. Look for billing errors and signs of prescriptions or tests that you never had. To assist in identifying bogus charges, request copies of your medical records from your doctor or hospital. If you notice any problems, alert your healthcare provider and insurance company. Keep an eye on your credit report, because unpaid medical bills can affect your credit rating, even if they resulted from someone else using your medical information.”

Jeff Myhre is a contributing journalist for TheBlot Magazine

Give a voice to the voiceless!

Leave a Reply

Your email address will not be published.

Top 10 Winning Tips For Entrepreneurs From Financier Benjamin Wey

TFF2015: ‘Drunk Stoned Brilliant Dead’ Tells Storied History of National Lampoon