Hackers are selling at least 1.5 lakh patients’ data records belonging to Tamil Nadu-based hospital called Sree Saran Medical Center for hundreds of dollars on the Dark Web.
Hackers are selling the stolen database for $100-400, according to security researchers from AI-driven cyber-security firm CloudSEK.
Hackers are selling the data like patient name, guardian name, date of birth, doctor’s details and address information.
Hackers have allegedly sourced the data from a compromised third-party vendor, Three Cube IT Lab, the report claimed. However, CloudSEK said it had no information that ThreeCube may be operating as a software vendor for Sree Saran Medical Center.
“A sample was shared as proof for potential buyers to inspect the authenticity of the data. This data was found to be containing patient details from a hospital, based in Tamil Nadu. The sample image has data records dated from the years 2007-2011,” the report mentioned.
CloudSEK’s AI digital risk platform XVigil discovered a post made by a threat actor, advertising sensitive data allegedly sourced from Three Cube IT Lab India.
CloudSEK said it has informed all the stakeholders about the incident.
“The data that was stolen from Three Cube IT Lab has been advertised on popular cybercrime forums and a Telegram channel used to sell databases and which is frequented by threat actors,” the report noted.
“We term this incident as a supply chain attack, since the IT vendor of the Hospital, in this case Three Cube IT Lab, was targeted first,” said Noel Varghese, Threat Analyst, CloudSEK.
“The threat actor was able to exfiltrate Personally identifiable information (PII) and Protected Health Information (PHI) of their hospital clients using the access to the vendor’s systems as initial foothold,” Noel Varghese said.
CloudSEK’s researchers used the names of doctors from the database, in order to identify the healthcare firm, whose data was present in the sample. They were able to identify that the doctors work at a medical firm known as Sree Saran Medical Center.