July 5, 2017 by

Hackers Sell Patient Records of “any Australian” on the Darknet for $22 Each

A trader on the darknet is illegally selling the Medicare patient records of Australians after spotting a vulnerability in a government database.

An investigation by Guardian Australia has revealed a darknet vendor on a popular marketplace for illegal products claiming to access any Australian’s Medicare card details, on request.

“Purchase this listing and leave the first and last name, and DOB of any Australian citizen, and you will receive their Medicare patient details in full,” the listing reads.

Australian Medicare cards have been used in the past by drug syndicates to buy goods and have also been abused to defraud the government of Medicare rebates. They are particularly valuable to organized crime groups as they can be used to produce faux physical Medicare cards with legitimate information, ultimately leading to identity fraud.

Calling the service “the Medicare machine”, this particular darknet vendor has sold at least 75 Australians’ Medicare card details since October 2016. The cost for purchasing an Australian Medicare card? A relatively measly 0.0089 bitcoins, about $22.

The darknet vendor claims to be “exploiting a vulnerability which has a much more sold foundation which means not only will it be a lot faster and easier for myself, but it will be here to stay. I hope, lol.”

Upon requesting the data of a Guardian staff member, the investigation confirmed the legitimacy of the Medicare details stolen by the darknet vendor upon verification.

It is highlight likely that the vendor is accessing Medicare records in real-time, as per the claim of “exploiting a vulnerability” in a present

The publication has made a number of authorities – the Department of Health and the Australian Federal Police – aware of the breach. A spokesperson for the Department of Human Services confirmed that the agency was working with other government agencies to investigate the sale of Medicare records. Notably, the spokesperson added that investigations into “activities on the dark web continually occur.”

She further stated:

The Department takes the security of personal data extremely seriously. Thorough investigations are conducted whenever claims such as this are made.

Image credit: Pixabay.

About the author

Image of Author

LIFARS is a digital forensics and cybersecurity intelligence firm based in New York City. LIFARS is ranked as one of the top Digital Forensics and Cyber Investigations companies in 2016 and as one of the top cybersecurity companies in the New York metropolitan area for 2015 on the Cybersecurity 500 – a directory of the hottest and most innovative companies to watch in the cybersecurity industry.

Related articles

Over 400 Dark Web (Tor) Sites Shut Down and 17 Arrested

The largest-ever operation against the hidden network website operators was conducted on November...

Read more arrow_forward

If you have any further questions, please don't hesitate to contact us.