Hackers threaten to release photos of Beverly Hills plastic surgery patients

Patients of a Beverly Hills plastic surgery clinic face the potential horror of having highly sensitive images of their bodies leaked onto the internet by hackers.

The notorious BlackCat ransomware group (also known as ALPHAV) has said it is responsible for the security breach at Beverly Hills Plastic Surgery (BHPS), which claims to include high profile celebrities amongst its clients.

On its leak site on the dark web, BlackCat claimed it would start to release personal information and pictures of patients "very soon":

I imagine that's worrying enough if you are a celebrity who has had a "nose job," but potentially even more embarrassing if it's other err.. parts of your anatomy that you have paid to have nipped and tucked.

Unfortunately, this is not the first time that cybercriminals have threatened to release the images of plastic surgery patients.

For instance, in late 2019, a Florida-based plastic surgery clinic received a ransom demand from hackers who threatened to not only release the photos of up to 3,500 patients, but had also stolen personal information including scans of driver’s licenses, home addresses, email addresses, telephone numbers, insurance policy numbers, and partial payment card details.

A similar fate had befallen a London-based plastic surgery in 2017, which was hacked by The Dark Overlord group.

Then, in December 2020, a UK cosmetic surgery chain beloved by celebrities fell victim to the Revil ransomware gang, which threatened to publish patients' "before and after" photos.

The Russian-speaking BlackCat extortion group responsible for the attack on BHPS has gained a reputation for blackmailing a wide variety of organisations, running a ransomware-as-a-service operation that has offered up to 90% payouts to its affiliates.

In the last week, the BlackCat hacking group has threatened to release data it stole from  Reddit - demanding a US $4.5 million ransom and that the company cans contentious changes to its API pricing.

BlackCat compromised Reddit in February via what the website described as a "sophisticated phishing campaign" that targeted employees.

The theft happened a few months ago, and was the result of a "sophisticated phishing campaign" against its staff that Reddit said it encountered on February 5 and disclosed on February 9.