Expand / Collapse search
Watch TV
Menu

This material may not be published, broadcast, rewritten, or redistributed. ©2024 FOX News Network, LLC. All rights reserved. Quotes displayed in real-time or delayed by at least 15 minutes. Market data provided by Factset. Powered and implemented by FactSet Digital Solutions. Legal Statement. Mutual Fund and ETF data provided by Refinitiv Lipper.

Security

Hackers are selling babies' personal data on the Dark Web

By John Brandon , Fox News
Published | Updated
DarkWeblistingEdit

A listing for infants' personal data including Social Security Number and Date of Birth, also known as 'fullz, that came from pediatrician databases, according to healthcare security company Cynerio (Cynerio)

The personal information of babies is now available on the Dark Web.

Younger children -- even newborns -- now have a social security number, but they have obviously never made any purchases, which means they have a “perfect” credit history. Hackers sell the information these days with a complete “how to” for the buyer, explaining the steps to file fraudulent tax records or apply for a credit card without getting caught.

As the child grows up, he or she might discover they’ve been hacked. And it will be difficult or impossible to correct any credit history problems or fraudulent purchases.

YOUR ONLINE IDENTITY SELLS FOR EXACTLY $1,170 ON THE DARK WEB -- HERE'S HOW TO BLOCK THE SALE

Experts tell Fox News the technique actually works.

“From what our researchers have seen, there is an elaborate marketplace on the Dark Web where the stolen data is distributed through channels to end users,” said Leon Lerman, the CEO of Cynerio, a healthcare security company based in New York. “The hackers, who at the top of the black market value chain, sell raw patient data in bulk.”

Interestingly, Lerman says this is one case where educating the public -- even the parents -- might not help. With most security risks, part of the answer is to withhold personal information unless it is absolutely required. However, parents must register the child’s new SSN.

RUSSIAN HACKERS POSED AS ISIS TO THREATEN MILITARY WIVES

Ron Schlecht, a managing partner at BTB Security, says the problem with hacked data for young children is that it can be combined with other data. For example, since the SSN and date of birth data is real, the hacker might build a credit record using a fake name and address. Even denied attempts to apply for credit cards help build up the history, he says.

“It’s a type of fraud that combined real information with fake information,” he said.

Mounir Hahad, the head of threat research at Juniper Networks, said it’s even at the point where the youngest children will likely assume they’ve been hacked by the time they reach the age to obtain a credit card, a new mortgage or buy a car. “It’s no longer a matter of protecting against theft, but instead protecting ourselves against the fallout,” he explained.

HOW HACKERS COULD TURN A 'SMART CITY' INTO A HOUSE OF CARDS

According to Gary Davis, the chief consumer security evangelist at McAfee, another problem is that parents won’t bother to check if there’s been a hack for several years. So the theft is “safe” on the Dark Web unless parents check the history routinely.

“Depending on how extensively the information has been abused, it could take the child years to remediate and get their identity and reputation restored,” says Davis. “In extreme cases, they may need to get a new social security number.”

One solution? Business expert and author Aaron Young says parents should think about whether they really need to hand out personal information for babies.

“Pay attention to who you allow to have your children’s identifying information,” he says. “Why does the doctor need that? Why does the school need that?”