Another massive cyber-attack in the healthcare industry.
More than 25,000 private photos – including naked images – were made public by hackers on the 30th May after they gained access to a Lithuanian surgery’s server.
The Grozio Chirurgija clinic based in Kaunas, Lithuania, was hacked earlier this year by a group calling themselves “Tsar Team”. They managed to break into the servers in March, originally releasing a portion of the clinic’s database alongside a large ransom demand to the surgery.
The hackers asked for nearly £350,000 in ransom payments from the surgery back in March to protect their patients’ medical records and private images, but the surgery refused to pay. As a result, the group released the whole database of nearly 25,000 patients onto the dark web.
What information was released?
The establishment specialises in a number of different surgeries including cosmetic surgeries, day surgeries and dentistry. They therefore have a large number of patients, and most of these patients will have to have photographs taken for the purpose of corrective surgeries, and some of these photos will be of sensitive areas. The hackers gained access to the patients’ medical records which included photos taken by surgeons before and after surgery.
The medical records also included:
- Copies of passports
- National insurance numbers
- Names
- Addresses
- Phone numbers
- Email addresses
- Date of birth details
Depending on the level of information the hackers have on each patient, they are asking for a payment of €50 – €2,000 in Bitcoin to delete the records permanently from the internet. The hackers have scored the data sensitivity of each record from low to critical, with critical being the most expensive. They are also offering the whole database of all 25,000 patients on the dark web. They originally listed it for 300 Bitcoin, which is equivalent to £500,000, but they have now reportedly dropped the price down to 50 Bitcoin, which is around £100,000.
Hackers bombarding patients
In an attempt to get their payments, hackers are contacting patients directly via email and text messages, threatening to release their sensitive medical records and photographs. The hackers seem somewhat desperate to receive payment for these records, but the surgery has advised patients to immediately report any blackmail to the authorities.
Of the 25,000 patients affected, nearly 1,500 are reportedly U.K. citizens, and some of these are even thought to be celebrities. Patients from nearly 60 countries around the world are affected in total.
Authorities investigating
After the huge cyber-attack affecting the NHS last month, the healthcare industry has been warned of imminent attacks on its servers. Medical records can be a treasure trove of sensitive information for cyber criminals – not only can they demand a ransom, making the organisations or patients pay out or face having their information shared, but they can also use the data to impersonate a patient and potentially gain access to bank accounts or other financial information.
Police in Lithuania and authorities across Europe have been alerted. A cyber-attack on this scale can be punishable by up to three years in prison in Lithuania, and police are warning that anyone who downloads or shares the data could also be prosecuted. They are also working with security services across Europe to come up with a solution to this breach.