New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research


Truck Drivers and Rail Workers Medical Records Leaked

Data belonging to employees of the United Parcel Service (UPS) and Norfolk Southern Railroad was published on the dark web after a cyber-attack on Taylor Made Diagnostics (TMD). TMD operates occupational health clinics used by transportation companies and government agencies, including the Secret Service and the US military. The breach included sensitive information such as medical exams, records, and social security numbers. It is likely that records belonging to employees of US government agencies are also included in the leak. According to the US department of Health and Human Services, 37 US healthcare providers reported data breaches or information technology incidents that compromised the data of 1.5 million patients.

Analyst Notes

Threat actors can leverage stolen medical records to impersonate legitimate patients to commit various forms of fraud, including submitting fraudulent claims to health insurers without authorization. This could not only affect healthcare coverage but also compromise safety if there’s misinformation on file that is needed for medical treatment. Anyone who may have been a victim of a medical data breach should get confirmation from their provider to find out exactly what information was stolen. Change and strengthen any online logins and implement multi-factor authentication. Asking the insurance provider for copies of claims and carefully reviewing the explanation of benefits notices can reveal if a patient’s identity has been used fraudulently. This might show if inaccurate health and medical information is present in the patient’s records. Lastly, financial and credit accounts should be monitored closely, because sometimes medical insurance information is used to commit other forms of financial fraud. Placing a credit freeze on file with the credit bureaus and notifying banks or other financial institutions is helpful to prevent fraud when identity theft is suspected.