Criminals use kids personal identifiable information and healthcare data to create synthetic IDs, making data of minors more valuable in underground communities than adults.
This particular hack was caused by a phishing scam. Once hackers gained access to employee credentials, they were able to extract personal, sensitive health date of over 60,000 patients.
Organizations need to take an outside-in approach to protecting their domains and customer data. By receiving alerts when employee credentials are compromised and exposed in underground markets, organizations can take proactive security measures to prevent data breaches before damage is done. 4iQ can help.
Personal data from more than 60,000 individuals may have been compromised as part of an email phishing scam that targeted Children’s Mercy Hospital employees. The emails sent to employees gave the appearance they were from a trusted source and often contained links to a phony login page on a fake website, the hospital said. That gave hackers access to the employee accounts if they entered their usernames and passwords. The compromised data may have included patient names and information, medical record numbers, dates of hospital stays and procedures, diagnoses and conditions and other clinical information, according to a letter sent from Children's Mercy to those affected.