Over the weekend, a hacker claimed he had collected more than 650,000 individual patient records from three databases, according to Deep Dot Web.
Now, the perpetrator, who calls himself "thedarkoverlord," wants to cash in on his illegal activity. He claimed the databases, containing sensitive information such as social security numbers addresses, are for sale, with prices ranging from $100,000 to $400,000.
The website Motherboard claimed to have received 30 patient records from one of the databases. Motherboard confirmed that the phone numbers appeared to be connected to the correct person or a family home.
While a majority of data breaches can be blamed on authorized access or disclosure, such incidents can become significant expenditures for healthcare organizations. The purported hacker in this incident sent an encrypted message to Deep Dot Web with a warning for future cases.
"Next time an adversary comes to you and offers you an opportunity to cover this up and make it go away for a small fee to prevent the leak, take the offer," he wrote. "There is a lot more to come."