Member Article

Several Hundred Thousand French Medical Files Available on the Dark Web

Researchers at cybersecurity firm CybelAngel tracked bad actors targeting French hospitals by analysing conversations on the dark web in an attempt to better understand the cyber threats faced by healthcare faciltiies.

The report unveils how cybercriminals plan healthcare-related fraud, ransomware and other attacks by obtaining stolen credentials, leaked database files and other materials from specialized sources in the cybercrime underground.

Screenshots within the research reveals an account on a dark web forum amassing lists of open, exposed databases inside healthcare organizations, which they seek to monetize by selling to attackers and other parties.

CybelAngel’s research includes screenshots and detail of reputedly well-connected actors selling a file containing thousands of employee credentials from “a company that works with many (if not all) hospitals.” as well as another actor offering “500,000 French hospital records” on an underground marketplace

“Cybercrime attacks that disable hospitals and weaponize stolen medical records are unconscionable - and particularly ruthless during a pandemic, when the uptime of every care facility and accuracy of every health record determines whether lives are saved,” said Camille Charaudeau, Vice President of Product Strategy at CybelAngel. “While the volume and stakes of these attacks can feel overwhelming, our research shows that sealing-off a few specific types of exposed data could have a meaningful effect by disrupting the supply chains adversaries rely on to execute these attacks.”

This was posted in Bdaily's Members' News section by TH .