Cybercriminals are stealing personal information of American children from hospitals and pediatricians, and selling it on different dark web markets.
The compromised information on sale includes children’s names, addresses, phone numbers, dates of birth, and Social Security Numbers.
According to the Motherboard reports, the researchers found out that the hackers are targeting children born between 2000 and 2010.
The amount for which the information is being sold varies with a bundle of sets, for individual set you have to pay $10, and for a bundle of set you can get it at $490 or sometimes have to pay as high as $790, it rates depends on the platform it is being sold.
Cybersecurity firm Terbium Labs’s Vice President of research wing, Emily Wilson, informed the Motherboard about the scam. However, most of the stolen information is already available on the various popular dark web market under an advertisement titled “USA KIDS FULLZ”.
“For very young children it’s reasonable to assume criminals are sourcing the data through access points in hospital networks or government systems. In this case, the vendor is explicit about the hospital connection,” Wilson told Motherboard.
Wilson says “there is serious potential for credit scams” as children who are affected by this are now between 8 and 18 years old, it is likely that they won’t be involved in crucial financial activities for a few years. Hackers could use their available data and can cause “serious financial damage” through it.
In the dark web market, the hackers have specified that these children are “from good families who can provide [and pay for] medical support,” said Wilson, Motherboard reported.
Selling of kids’ data would become a serious problem in the near future if it is not tackled with promptness. “As children get older, their data starts to enter the system more broadly, through school registrations and other activities,” Wilson added.