A hacker known as “Skyscraper” reported that the records of approximately 500,000 children and their parents can be found on the dark web by simply searching “patients.” While most of these records originate from compromised pediatricians using outdated software, still another 200,000 were actually taken from schools.
These records can be bought for around $600 – $1200 a pop, depending on the depth of information, included names, DOBs, addresses, and, scarily, SSNs. And one of the worst things is that most of the providers are likely unaware that their data has been breached. This can be seen by the fact that the number of stolen records reported is significantly less than the number of stolen records available on the dark web.
What are the implications of that? It means that hackers and criminals who purchase this information have easily build and maintain fake identities until for many years until the breach is eventually uncovered.