Hackers ransom sensitive photos, information stolen from cosmetic clinics

Ccleaner

You can do everything right, including keeping your systems protected, never clicking on suspicious links, and making sure to enter private information only on safe sites, and you can still see your most private information stolen and published. The reason is simple — our information is located on servers that we do not control and sometimes, those servers are vulnerable to attack.

Such was the case with a chain of Lithuanian cosmetic surgery clinics, which was attacked by a group of hackers known as Tsar Team. The hackers broke into the servers, stole sensitive personal data and private client photos, and are now holding the clinics hostage, The Guardian reports.

When you have cosmetic surgery performed, the surgeons and their staff take photos to plan procedures and to provide before-and-after comparisons. Many of these photos are taken of clients in the nude and are thus just as sensitive as any of the photos stolen and published in various famous celebrity attacks. These photos, along with sensitive personal records, are now being used to extort individual clients of the clinics into paying between 50 and 2,000 Euros in bitcoin or the records and photos will be publicly released.

At first, the hackers were willing to sell back the entire database for 300 bitcoins, or around $685,000, but the clinics refused to pay. Now, the payment for the database has been reduced to 50 bitcoin, or around $114,000. The per-record ransom is based on how sensitive the data and photos are, with the most revealing photos and information like passport scans and national insurance numbers having the highest price tag.

According to Jonas Staikunas, the director of the Grozio Chirurgija chain of clinics that suffered the attacks, “Clients, of course, are in shock. Once again, I would like to apologize. Cybercriminals are blackmailers. They are blackmailing our clients with inappropriate text messages.”

The clinic is suggesting that patients do not engage the blackmailers and Lithuanian law enforcement agencies are working to locate the hackers. In addition, anyone who downloads and stores the data illegally will also be prosecuted.

The attack follows along with the massive Wannacry ransomware attack that affected hundreds of thousands of individuals and organizations around the world. It serves to further highlight the need for locking down systems and doing more to keep them safe from these kinds of attacks. In the end, it is not enough that we keep our own systems secure — we have to worry about the systems maintained by every organization we do business with.