recommended reading

Threatwatch

Hackers Blackmail Plastic Surgery Patients After Stealing Pictures

Data dump; Network intrusion

Hackers published a cache of personal information—including nude pictures—from Lithuanian plastic surgery clinics after attempting to blackmail the business and the patients.

The data dump Tuesday included more than 25,000 pre-and post-operation photos, and data such as passport scans and insurance numbers of the Grozio Chirurgija clinic chain clients, according to The Guardian. The clients came from 60 countries.

Lithuanian police said the Tsar Team hacking group stole the data earlier this year, releasing a small batch in March and another Tuesday. The group first attempted to get a 300 bitcoin (about $688,000) payment from the clinic, reduced the price to 50 bitcoins (about $114,000) and eventually turned to extorting individual patients. "Dozens" have come forward about blackmail attempts, the police said.

The police, working with other European authorities, warned people who download and store the stolen data could also be prosecuted.

sector

Healthcare and Public Health

reported

May 31, 2017

reported by

The Guardian

number affected

Unknown

location of breach

Lithuania

perpetrators

Criminals

location of perpetrators

Unknown

date breach occurred

2017

date breach detected

Unknown