2 min read

Cosmetic surgery hacked. Nude photos and data exposed on the dark web, as hackers blackmail patients

Graham CLULEY

May 31, 2017

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Cosmetic surgery hacked. Nude photos and data exposed on the dark web, as hackers blackmail patients

A chain of cosmetic surgery clinics in Lithuania has been hacked, and fallen victim to cold-hearted extortionists who have no qualms about blackmailing both the business and its customers.

According to media reports, a hacking group called the Tsar Team broke into the servers of Grožio Chirurgija and stole the personal data and more than 25,000 private photos of clients.

At first the Tsar Team attempted to sell the stolen data back to the clinic, for the eye-watering sum of 300 bitcoins (about half a million dollars). But when the clinic refused to play ball, the hackers targeted patients – demanding payments of up to 2000 Euros for the victim’s photos, home addresses, scans of passports and national insurance numbers.

The Grožio Chirurgija cosmetic surgery clinics has thousands of customers in more than 60 countries around the world, including the UK, Germany, and Denmark, who travel to Lithuania for nips and tucks on the cheap.

Clients are thought to include celebrities, who might have particular interest in their details and private photos not leaking onto the internet.

Even the most selfie-obsessed individual would probably balk at the thought of private photographs of their wobbly or intimate body parts taken before and after surgery falling into the hands of the public.

The full database is now being offered for a 50 bitcoin, a measly $112,000 at current rates, which is quite a reduction from the hackers’ initial demands.

Andzejus Raginskis of Lithuania’s police bureau told reporters that the data had been uploaded to the dark web:

“It’s extortion. We’re talking about a serious crime.”

On its website, the hacked chain of clinics says that it is working closely with the police, and is urging customers to take precautions.

Those precautions include telling clients to be wary of opening emails or clicking on links which may have been sent by the blackmailers, and to pass any communications (including SMS text messages they may receive) to the authorities.

Grožio Chirurgija is also advising concerned customers that if they find a link to their private data online, to request its removal from the Google search engine as soon as possible.

All of which seems like sensible advice to me, but I was disappointed to see it only offered on the Lithuanian version of the surgery’s website and not on its (probably more widely understood) English language edition.

The cosmetic surgery says that it is strengthening its IT security in the wake of the attack. But for those innocent patients whose privacy has been put at risk, it really is a case of too little, too late.

tags


Author



Right now

Top posts

Ultimate Privacy Guide for Your Facebook Account

Ultimate Privacy Guide for Your Facebook Account

August 31, 2021

6 min read
7 Signs It’s Time to Use Parental Controls On Your Family’s Devices

7 Signs It’s Time to Use Parental Controls On Your Family’s Devices

August 27, 2021

2 min read
Your Netflix Account May Be on Sale on Darkweb. Protect It

Your Netflix Account May Be on Sale on Darkweb. Protect It

August 13, 2021

3 min read
E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

July 29, 2021

5 min read
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Man who "scraped and sold 178 million users' data" is sued by Facebook Man who "scraped and sold 178 million users' data" is sued by Facebook
Graham CLULEY

October 26, 2021

2 min read
Microsoft Teams Rolls Out End-to-End Encryption Microsoft Teams Rolls Out End-to-End Encryption
Silviu STAHIE

October 25, 2021

1 min read
Stay Updated to Keep Ahead of Cyber Threats – Updating Chameleon Explains Stay Updated to Keep Ahead of Cyber Threats – Updating Chameleon Explains
Filip TRUȚĂ

October 25, 2021

2 min read