Patient records. Prescription plans. Payment records. Standard files that would be kept on record in any hospital.
Lists of city parks and amenities. Arrest warrants. Blood spatter pattern analysis. A mixture of mundane and highly sensitive documents kept by a city government.
But these aren't files held securely on a database. They’re available for anybody to download and view, to peruse and mine for information. They’ve been published on the dark web by the Conti group, the same group involved in the hacking of the HSE – the largest data breach in the history of the State.
In this case, the information is from hospitals and city governments in the United States, but it could serve as a warning of what might happen to the compromised data from our own country that is currently being held hostage.
The government and hospital data sits alongside similar dumps of stolen material from private companies, financial institutions and even schools.
There are bank details of customers, personal information relating to schoolchildren. Useless to most people, damaging to those who have lost it, and potentially very lucrative to criminals who will use this information to blackmail and embarrass.
"They have leaked before from hospitals in the United States. These are available to anyone. If somebody wanted to, they could go through these. They could mine them for pretty much whatever sensitive information they want," said Darren Martyn, a former hacker turned security consultant.
Darren gave Prime Time a tour of the dark web. He has been keeping a close eye on developments in the HSE story, monitoring the back-and-forth with the hackers that has seen them served with injunctions from the Irish High Court.
It’s still unclear whether this will prove to be a sufficient deterrent.
"It’s a slick operation", Darren told Prime Time. We’re looking at the chat feature used by the group to extort money from their victims.
It looks no different to the chat function on the website of your phone or broadband provider. "It’s a very customer service type set-up," he said.
The demands for ransom are issued with an ultimatum: pay us by a certain date or your information will be made public.
The date given to the HSE was yesterday. There has been no information published yet, but we needn’t think that these are idle threats.
The evidence is there for us to see. The details of those who have been hacked hang on the Conti website like trophies mounted on the wall of a hunting lodge.
For the most part, these are companies or organisations who didn’t pay the ransom and suffered the consequences.
In some instances, only a certain percentage of files have been published – just enough to shock people into paying. In other instances, the Conti website is courting buyers for the information. If the owner won’t buy it back, perhaps other criminals will be interested.
We look at the tools used by the hackers. It’s commercially available software, usually used by security companies to test systems for weaknesses, but it can be perversely used for the exact enterprise it was designed to prevent.
It’s expensive and the company providing it goes to great lengths to ensure it’s not sold to just anybody. It runs background checks. It refuses to sell to countries on sanctions lists. Darren told Prime Time that it’s not difficult to find cracked copies, freely available to download.
Not only is it possible for Darren to source a copy, it takes him less than 20 seconds to find one.
With tools like this readily available and easy to use maliciously, should the HSE have been better prepared?
"What often happens is their IT departments are pretty much universally under-resourced. They'll be running old software. We've all heard stories about Windows 7 being used, or Windows XP," he said.
"And quite often software that they use for medical purposes, like medical imaging software, won't support modern operating systems. So they have to keep some stuff running older systems."
There has been no dumping or leaking of HSE material yet, even though the deadline issued by the group has passed.
Ireland’s health service so far remains absent from the hackers’ trophy wall. Even so, nothing we have seen suggests that the group will have any issue in pulling the trigger.
"It would almost be a negative to them" said Darren. "It would show that they don't follow through on their threats. And for extortionists like these guys, they have to keep following through the threats."
It’s what keeps their victims afraid, which is what keeps their victims paying, he notes.
"We're talking like an economy basically and this is what they do," he said. "This is what they see as their job."