A data set of around 1,50,000 patient records traced to a hospital in Tamil Nadu is being sold on the dark web, reported an AI company monitoring cyber crime.
(For insights on emerging themes at the intersection of technology, business, and policy, subscribe to our tech newsletter Today’s Cache.)
According to CloudSEK, the data belongs to the patients of Sree Saran Medical Center. The exploit reportedly targeted a third-party company called Three Cube IT Lab and the incident came to light around November 22.
“The data set contains 150K records of patients’ data. The data fields present in the patients’ database include - patient name, guardian name, DOB, doctor’s details, and address information,” stated CloudSEK’s press release. The records go as far back as 2007.
The perpetrator is said to have a “high reputation on a cybercrime forum” and is reportedly selling copies of the data as well as ownership rights over the data for hundreds of dollars.
Sree Saran Medical Center is located in Tirupur, Tamil Nadu.