Skip to content Dark Web Informer - Cyber Threat Intelligence
Support
Sign In Subscribe
Leaks

Data Breach Alert: 1.6 Million Medical DEA Numbers and Prescriber Details Leaked from Bausch Health by Sp1d3rHunters

 and  Dark Web Informer
2 min read

Overview

In a significant data breach, Bausch Health Companies have suffered a massive leak of over 3TB of sensitive data, including 1.6 million medical DEA numbers and prescriber details. This breach exposes critical information about healthcare providers, potentially allowing malicious actors to write unauthorized prescriptions for controlled substances.

What is a DEA Number?

A DEA number (DEA Registration Number) is a unique identifier assigned by the United States Drug Enforcement Administration to healthcare providers such as physicians, physician assistants, nurse practitioners, optometrists, podiatrists, dentists, and veterinarians. This number authorizes them to write prescriptions for controlled substances.

Breach Details

The leaked data includes:

  • Customer ID
  • DEA Number (partially masked)
  • State and Hub Information
  • Customer Type and Description
  • Full Name and Personal Details
  • Professional Designation and Title
  • Active and Deactivation Status
  • Sanction Flags
  • Additional Regulatory Information

A sample from the leaked dataset shows 50 prescriber numbers with partial masking of the DEA numbers.

Exclusive Price for Bausch Health

The hacker group responsible for this breach is demanding $3 million USD from Bausch Health to prevent the data from being sold. They highlight the difficulty in resetting DEA numbers, emphasizing that affected doctors would need to submit a manual request to the DEA, a process that could take months.

Online Sale Price

The leaked DEA numbers and prescriber details are being sold online in packages, with the following pricing:

  • $10,000 for 10 DEA numbers
  • $25,000 for 50 DEA numbers
  • $50,000 for 100 DEA numbers

Numbers are sold in packages only, with no individual sales, and require a middleman for the transaction.

Contact Information

The hacker group can be contacted via XMPP at sp1d3rHunters@jabber.ua for further details on the sale.

Implications

This data breach has severe implications for healthcare providers and patients alike. Unauthorized use of DEA numbers can lead to widespread abuse of controlled substances, creating a significant public health risk. Healthcare providers affected by this breach must take immediate action to mitigate potential misuse of their DEA numbers and protect their patients.

Sample Data

Here is a sample from the leaked data showing partially masked DEA numbers:

CUST_ID, DEA_VAL, HUB_STATE_IND, CUST_TYPE_CD, CUST_TYPE_DESC, CUST_SUB_TYPE_CD, FIRST_NAME, MIDDLE_NAME, LAST_NAME, FULL_NAME, FRMR_FULL_NAME, SALUTATION, SUFFIX, TITLE, PFSNL_DGNTN_CD, PFSNL_DGNTN_CD_NBR, SMPL_PFSNL_DGNTN, GNDR_CD, GNDR_ENDER_DESC, BIRTH_DT, DEATH_DT, DEATH_YR, GROUP_PRACT, PDRP_FLAG, PDRP_EFCTV_DT, KAISER_FLAG, AMA_NO_CNTCT, LGL_EXCLSN_FLAG, LGL_EXCLSN_FLG_COMNT, ACTV_STA_CD, ACTV_STA_DESC, DEACTV_REAS_CD, DEACTV_REAS_DESC, VEEVA_STA_CD, VEEVA_STA_DESC, VEEVA_VRFCN_STA_DESC, VEEVA_VRFCN_COMNTS, CUST_DCR_REJ_CD, CUST_REJ_REAS, SANCTION_FLAG

Related

Latest