This stark example of how medical electronic records are vulnerable to violations of privacy comes from Lithuania. Hackers stole 25,000 photographs plus passport and credit card details from the Grozio Chirurgija cosmetic surgery clinic and then threatened to post them online unless they were paid.
The hackers, who call themselves the “Tsar Team” posted the images and personal information on a Dark Web website and are selling them for between €50 and €2,000 each or for €344,000 for the whole package.
“Clients, of course, are in shock. Once again, I would like to apologise,” Jonas Staikunas, the director of Grozio Chirurgija, told local media. “Cybercriminals are blackmailers. They are blackmailing our clients with inappropriate text messages.”
This attack is much more targeted and professional than the Wannacry ransomware virus last month. The hackers took the trouble to scale the amount of the ransom according to individual patients. Clients from Denmark, Germany, Norway and the UK have already received extortion notices.
This article is published by
and BioEdge under a Creative Commons licence. You may republish it or translate it free of charge with attribution for non-commercial purposes following these guidelines
. If you teach at a university we ask that your department make a donation. Commercial media must contact us
for permission and fees. Some articles on this site are published under different terms.