Skip to main content

Security Firm Discovers Thousands of Data Files Stashed on Crimeware Servers

Security firm Finjan revealed that it discovered medical, business and airline data stolen and traded by cybercriminals using targeted campaign on a server controlled by hackers (Crimeserver) containing more than 500Mb of premium data.

The data included healthcare and business related data, as well as personal identifiable information (stolen Social Security Numbers). This data is part of the premium offering that the cybercriminals operating the Crimeservers were selling to the highest bidder online.

The compromised data came from all around the world and contained information from individuals, businesses, airlines and healthcare providers.

The report contains examples of compromised data that Finjan found on the Crimeserver, such as medical related data of hospitals and publicly owned healthcare providers, business related data of a U.S. airline carrier, Identity theft (stolen Social Security Numbers)

Some of the implications of stolen medical and patient data include: illegal and/or bogus treatments; obtaining prescription drugs for the purpose of selling them; loss of health coverage for the victimized patient; inaccurate records of victimized patients, which could result in incorrect and potentially harmful treatments.

These campaigns consisted of highly sophisticated attacks, incorporating Crimeware toolkits, Trojans and Command and Control (C&C) servers to drive traffic from a specific region, with specific characteristics.

Healthcare providers could also face potential HIPAA violations or breach of general data protection legislation.

Désiré has been musing and writing about technology during a career spanning four decades. He dabbled in website building and web hosting when DHTML and frames were en vogue and started writing about the impact of technology on society just before the start of the Y2K hysteria at the turn of the last millennium. Following an eight-year stint at ITProPortal.com where he discovered the joys of global tech-fests, Désiré now heads up TechRadar Pro. Previously he was a freelance technology journalist at Incisive Media, Breakthrough Publishing and Vnunet, and Business Magazine. He also launched and hosted the first Tech Radio Show on Radio Plus.