Cybercriminals leak medical data of Humana customers online
Medical data of 6,000 plus patients has been leaked on a popular hacking forum
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Cybercriminals have leaked an SQL database filled with the highly sensitive health insurance data of over 6,000 patients on a popular hacker forum according to anew reportfromCyberNews.
The post’s author claims that the data was acquired from the insurance company Humana which is the third-largest insurance provider in the US. The leaked database is filled with a wealth of information dating back to 2019 including patients' names, Ids, email addresses, password hashes, Medicare Advantage Plan listings, medical treatment data and more.
What makes this leak even more concerning is the fact that just four months ago, Humana notified 65,000 of its customers of asecurity breachin which an employee of a subcontractor disclosed medical records to unauthorized individuals between October and December of last year.
One of the members of the hacking forum that downloaded the database claims that the archive is filled with information from 2020 as opposed to 2019. If this is the case, the leaked data could potentially have been acquired during last year’s security breach. However, it’s worth noting that a majority of the data contained in the samples posted by the leaker come from 2019 and not from last year.
Leaked medical data
Based onCyberNews' analysis, the leaked SQL database contains over 823k rows of data divided into 97 tables and appears to store highly sensitive patient information on 6,487 US patients.
Additionally, the database may also contain API calls to various functions that includeprivate API keysthat cybercriminals could utilize to access other online services used by Humana or even its partners.
With this data in hand, a cybercriminal could target patients with spear-phishing or spam campaigns, file fraudulent insurance claims, use the patients' health insurance, extort patients using their health information or even attempt to commitidentity theft.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Humana customers can useCyberNews’personal data leak checkerto see if their data has been leaked but the news outlet also recommends that they set up identity theft monitoring as well as review recent activities on their online accounts while remaining on the lookout for suspicious emails, messages and other requests.
ViaCyberNews
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.
Cisco issues patch to fix serious flaw allowing possible industrial systems takeover
Washington state court systems taken offline following cyberattack
Google TV will require more RAM for future upgrades – which might leave older TVs and streaming boxes behind
