Consumer data gleaned from healthcare companies is increasingly popping up on the black market, where details like Social Security and health insurance ID numbers can fetch a high price.
While it's concerning when a credit card number is stolen, hackers and fraudsters see more value in data typically amassed by health insurers and medical providers, which is much harder for a consumer to change.
The trend underscores the danger of data breaches like the one that hit Anthem, the second-largest health insurance company in the United States. Hackers accessed data for 80 million people, including names, birthdates, Social Security numbers, incomes and street addresses.
The insurer is now the target of lawsuits from policyholders alleging it did not disclose the breach quickly enough. Hackers reportedly broke into Anthem's system on Dec. 10; Anthem officials discovered it Jan. 27 and alerted the public on Feb. 5.
There have been nearly 300 disclosures of large healthcare data breaches in the last two years, according to a report by NPR. Records are kept by the Department of Health and Human Services.
Fraudsters turning to the black market to cash in have a sophisticated system for disguising their transactions. Websites containing healthcare data for sale are typically placed under domains that end in .su and .so, NPR reported. Some feature rating systems that attest to the seller's quality.
Medicare ID numbers are valued at up to $500 each in some cases, compared with $1 or less for credit card numbers.