The culprit is telling Motherboard that there are already prospective buyers for the authentic (if possibly outdated) info, which is selling for between $100,000 to $411,000 in bitcoins. Either way, the incident highlights the increasing dangers of lax security for health care records. In all three breaches, the organizations’ internal networks were not only accessible, but stored login details in plain text — these were entirely avoidable incidents. Until security is more of a priority, stunts like this could easily happen again.