This is just scary.
A hacker calling himself "TheDarkOverlord" has just posted 9.3 million records for sale on the Dark Web for nearly $500,000 with the promise that the hacker will only sell the data to one client.
Dark Overlord is the perfect name, really. Among the data are millions of first and last names, addresses, city, state and ZIP codes, phone numbers, birthdays and Social Security numbers. To make matters worse, he stole the data from a major, currently unnamed health insurance company.
On top of that, this hacker is also selling more records from health care organizations. He's got 48,000 records from Farmington, Missouri, 207,572 from the Midwest, and 396,458 from Atlanta, Georgia.
How did he do it?
TheDarkOverlord claims he used an RDP zero-day attack, which means he exploited previously unknown security holes to get into the system. Here's what he posted in the listing:
"This product is an extremely large database in plaintext from a large insurance healthcare organization in the United States. It was retrieved using a 0day within the RDP protocol that gave direct access to this sensitive information."
If you're worried about your personal information, you might want to look into a credit monitoring service. Otherwise, just make sure you're checking your statements regularly. If you see any suspicious activity, be sure to report it.