LAS VEGAS (KTNV) — Cybercriminals are pouncing on sensitive patient data amid the COVID-19 crisis sweeping across the country using 'double extortion.'
It's happening with a frightening frequency, according to experts.
Sophisticated cyber hackers are targeting hospitals and healthcare companies and really increasing their efforts.
Check Point Software Technologies, one of the largest cybersecurity companies across the United States, says there were more than 40 million electronic medical records exposed in 2019.
"Think about a credit card number that is stolen, that sells on the dark web for a buck maybe two bucks, but $250 a pop for an electronic medical record because you can create somebody's identity with it," said Kierk Sanderlin with Check Point Software Technologies.
Sanderlin says medical information is a treasure trove for cybercriminals because it usually includes names, addresses, date of birth, and social security numbers.
"So it's kind of scary, due to COVID-19 right now, our health workers are under extreme duress and the IT staff that support these hospitals and the last thing they need is to be worried about a new ransomware campaign," said Sanderlin.
Experts say hackers are doing something called 'double extortion."
That is, hackers steal data from healthcare providers and then demand a ransom to return the data and hijacked systems. If not, the data is slowly leaked on the dark web for sale.
"That is a prime concern of ours to keep medical information safe and secure," said Michael Gagnon, executive director of HealtHIE Nevada.
HealtHIE Nevada is a not for profit organization that helps healthcare providers and patients to secure records and streamline sharing of information such as test results.
"This is something that we've been working on for a long time," said Gagnon.
"We have over 75 connected organizations the state and we believe that public health and providers access to medical records could be greatly improved by really connecting everyone in the state," said Gagnon.
Gagnon says the system is an opt-in style program and is providing crucial, real-time patient information for doctors amid the COVID-19 crisis.
Experts say when it comes to protecting against cyber hackers: do not click on any links in emails that appear suspicious and never download attachments you were not expecting.