The black market value of stolen medical records dropped dramatically this year Credit: Thinkstock The black market value of stolen medical records dropped dramatically this year, and criminals shifted their efforts from stealing data to spreading ransom ware, according to a report released this morning.Hackers are now offering stolen records at between $1.50 and $10 each, said Anthony James, CMO at San Mateo, Calif.-based security firm TrapX, the company that produced the report.That’s a big drop from 2012, when the World Privacy Forum put the street value of medical records at around $50 each. That’s because the average profit per record was about $20,000. The information in medical records can be used for medical billing fraud as well as identity theft and other big-money scams. But the market has become saturated, said James. With about 112 million records stolen in 2015 alone, the medical info of nearly half all Americans is already out there.For example, this past summer, a hacker offered nearly half a million records from several hacked databases, at an average of around $1 per record, and another 9 million records for less than 10 cents each. Plus, 2015’s megabreaches, like the Anthem loss of about 80 million records, was a big wake-up call.“2015 was obviously a year where cybersecurity came to the forefront for the health care industry,” he said.The combination of a bigger focus on cybersecurity and a falling rate of return for stolen records contributed to a large drop in the volume of losses this year. Although the number of organizations breached went up, from 57 last year to 93 this year, the total number of records lost fell by nearly 90 percent to just 12 million records.TrapX looked at breaches reported to the Department of Health and Human Services, after filtering out all non-hacking-related breaches such as stolen laptops.All breaches of 500 records or more must be reported, James said, though companies have six months in which to make the reports. So the final tally for 2016 could be higher, he said. Last year’s avalanche of awful breach news also woke up health insurance providers and other organizations likely to be targeted by scammers, so they’re now more on alert.“Organizations are taking steps to shore up cybersecurity,” James said.With the falling rate of return for stolen records, scammers have turned to other types of attacks, instead. “That’s why ransomware has started to increase,” he said. “That’s where they’re getting their money now.”One benefit of ransomware, for the attacker at least, is that the payoff is immediate, he said. There’s no need to figure out how to monetize the stolen data.Criminals will continue to escalate ransomware campaigns in 2017, James predicted. Attacks on connected devices will also increase at a higher rate than in previous years. Head over to Facebook to add your comments. Related content news analysis SEC rule for finance firms boosts disclosure requirements Amendments to Regulation S-P requires broker-dealers, investment companies, registered investment advisers, and transfer agents to disclose incidents to customers. By Evan Schuman May 17, 2024 5 mins Data Breach Financial Services Industry Data Privacy feature DDoS attacks: Definition, examples, and techniques Distributed denial of service (DDoS) attacks have been part of the criminal toolbox for over twenty years, and they’re only growing more prevalent and stronger. By Josh Fruhlinger May 17, 2024 10 mins DDoS Cyberattacks news FCC proposes BGP security measures Protecting the Border Gateway Protocol is as important as protecting the border. By Gyana Swain May 17, 2024 1 min Regulation Network Security news US AI experts targeted in cyberespionage campaign using SugarGh0st RAT Threat actors use phishing techniques to obtain non-public information about generative artificial intelligence. By Lucian Constantin May 16, 2024 4 mins Phishing Data and Information Security PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe