Sensitive Data of Healthcare and Airline Companies found in Argentina and Malaysia
Researchers at Finjan have recently discovered 500 megabytes of confidential data on servers located in Argentina and Malaysia. The private records contained Citrix single sign-on credentials for accessing patient and financial data at a major U.S. hospital and major healthcare organization and also credentials for accessing a large U.S. airline carrier’s passenger and cargo lists, flight schedules, security measures, and financial data.
According to DarkReading quoting Yuval Ben-Itzhak, CTO of Finjan, the Finjan research findings shows criminals are shifting focus to different data that they can easily steal and effectively sell to the highest bidder.
“It’s supply and demand. The fact is these people are now going after data that’s different from [the standard] credit card and SSN,” Ben-Itzhak says. “A year ago, a [stolen] credit card was $100. Now you can get one for $10-$20 a card.”
But that doesn’t mean cybercriminals still aren’t pilfering credit card data, other security experts argue. “I don’t think there is a shift in cybercriminals stealing data other than credit card numbers. The stolen data from popular and mainstream Trojans is mainly grabbed via keylogging — everything is captured, [and] then the wheat is separated from the chaff,” says Guillaume Lovet, senior manager for Fortinet’s Threat Response Team.
