Hackers are accessing the data through hospitals and pediatricians, and are targeting children born between 2000 and 2010, according to the report.
Motherboard learned about the practice after an official from cybersecurity firm Terbium Labs notified a reporter of the scam.
“For very young children it’s reasonable to assume criminals are sourcing the data through access points in hospital networks or government systems. In this case, the vendor is explicit about the hospital connection,” Emily Wilson, VP of research at Terbium Labs, told Motherboard.
Those being affected are now between 8 and 18 years old, and Wilson says there’s serious potential for credit scams as the affected parties likely won’t be involved in such financial activities for a few years at least. Hackers could use available data and potentially cause serious damage to do “serious financial damage” using a child’s information.
A screenshot shared by Motherboard shows an advertisement titled “USA KIDS FULLZ,” referring to a “full” set of information on these children. The amount of information varies, with a bundle of sets being sold for $490 or as high as $790, depending on the platform. An individual set costs $10.
The product description offers “bulk discounts” and also notes these children come from good families and can pay for medical support.