The US healthcare hacking spree continues as a group of hackers reportedly leaked a massive amount of sensitive patient data and internal documents. The data dump, which reportedly consists of over 100,000 stolen files, includes names, addresses, phone numbers and date of birth.
Over 150 GB of data from the Central Ohio Urology Group was leaked on Twitter by suspected Ukrainian-linked hackers using the pseudonym Pravvy Sector, according to reports. The leaked data also allegedly includes information on the kind of treatments patients received, such as renal ultrasound and sperm count. Several files also revealed the names of the insurance companies that patients were registered with.
Israeli data mining firm Hacked-DB, which is reportedly investigating the breach, told HackRead: “This is the Hacking Team sort of data breach, so it is huge and it will take a while to come up with complete results.”
It appears that patient files dated as far back as 2012 have been leaked. One specific internal file titled “radiographic evaluation – summary” detailed the name of the doctor, the treatment received, the date of the examination and further diagnostic information.
The Central Ohio Urology Group is believed to be one of the largest urology practices in the state, with 28 of their staff working in major hospitals and over 20 branches. An unnamed representative of the group told the Columbus Dispatch: “I can say nothing on the record at the present time. We’re investigating to the fullest of our abilities.”
The Pravvy Sector was also recently involved in attempting to extort $50,000 from the Polish authorities with the threat of leaking sensitive files they claim to have stolen from the defence ministry.
In June, a hacker going by the name “the darkoverlord” leaked massive amounts of data he claimed to have stolen from several US healthcare groups. According to Verizon’s security breach report, the healthcare industry has so far sustained over 160 security incidents.