July 5, 2017 by

Hackers Sell Patient Records of “any Australian” on the Darknet for $22 Each

A trader on the darknet is illegally selling the Medicare patient records of Australians after spotting a vulnerability in a government database.

An investigation by Guardian Australia has revealed a darknet vendor on a popular marketplace for illegal products claiming to access any Australian’s Medicare card details, on request.

“Purchase this listing and leave the first and last name, and DOB of any Australian citizen, and you will receive their Medicare patient details in full,” the listing reads.

Australian Medicare cards have been used in the past by drug syndicates to buy goods and have also been abused to defraud the government of Medicare rebates. They are particularly valuable to organized crime groups as they can be used to produce faux physical Medicare cards with legitimate information, ultimately leading to identity fraud.

Calling the service “the Medicare machine”, this particular darknet vendor has sold at least 75 Australians’ Medicare card details since October 2016. The cost for purchasing an Australian Medicare card? A relatively measly 0.0089 bitcoins, about $22.

The darknet vendor claims to be “exploiting a vulnerability which has a much more sold foundation which means not only will it be a lot faster and easier for myself, but it will be here to stay. I hope, lol.”

Upon requesting the data of a Guardian staff member, the investigation confirmed the legitimacy of the Medicare details stolen by the darknet vendor upon verification.

It is highlight likely that the vendor is accessing Medicare records in real-time, as per the claim of “exploiting a vulnerability” in a present

The publication has made a number of authorities – the Department of Health and the Australian Federal Police – aware of the breach. A spokesperson for the Department of Human Services confirmed that the agency was working with other government agencies to investigate the sale of Medicare records. Notably, the spokesperson added that investigations into “activities on the dark web continually occur.”

She further stated:

The Department takes the security of personal data extremely seriously. Thorough investigations are conducted whenever claims such as this are made.

Image credit: Pixabay.

About the author

Image of Author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagements experience while providing a strategic and integrated array of services to minimum risk and disruption while protecting your brand.

Related articles

Over 400 Dark Web (Tor) Sites Shut Down and 17 Arrested

The largest-ever operation against the hidden network website operators was conducted on November...

Read more arrow_forward