Posted on June 1, 2017 at 12:58 PM

Private Photos from Cosmetic Surgery Clinics Released by Hackers

Over 25,000 private photos, including the nude ones, were published by hackers. All of the photos, together with other personal data, belong to the patients of a certain Lithuanian cosmetic surgery clinic.

The pictures were released on Tuesday, and it’s suspected that the hacking group responsible for this is the one called Tsar Team. These hackers managed to break into the servers of the hospital earlier this year. The hospital that was hacked was Grozio Chirurgija clinic, and after they’ve stolen the data, hackers demanded ransom from the hospital’s clients.

After the ransom demand, a part of the data that hackers stole was released back in March. Now, however, the hackers have decided to release the rest of the data, including thousands of pictures. It’s not yet known just how many patients ended up being affected by this. However, the police have said that dozens reported being blackmailed and that this is an official case of extortion.

The hospital’s database has over 1,500 British patients. The ransom requests vary from €50 to €2,000, all to be paid in bitcoin, and the price of the ransom is set in accordance with the sensitivity of the data. And much of the data is very sensitive, and also very important to the victims of the hack, which means that the requests would be that much higher.

Hackers initially offered the entire database for 300 bitcoins, since they didn’t wish to bother with blackmailing every patient individually. According to the current bitcoin value, that would be over half a million pounds. Unfortunately, the clinic did not agree to pay, and so in time, the price of the full database dropped to 50 bitcoins, or £100,000.

The Lithuanian police are working with the law enforcement and security services from other European countries and they warn that those who download the stolen data might also be prosecuted.

In the meanwhile, the director of Grozio Chirurgija, Jonas Staikunas, has apologized for the incident.

This hack has achieved another thing, and that’s shedding light on the bad cybersecurity of this nation. It’s estimated that over half of the websites from this country can be hacked with relative ease. This includes the offices of private doctors, travel agencies, and other clinics like this one, and they’re all marked as vulnerable.

Ever since the WannaCry ransomware, the security of the healthcare information was in the center of everyone’s attention. Especially because it was this very attack that took down systems in many of the NHS trusts a couple weeks ago. However, that attack didn’t have one, specific target like this one, but it was rather scattered, and it spread across the world, helped in large amount by the human error. This attack, however, had only this hospital as its target.

The clinic has warned the affected patients not to establish contact with the hackers, nor should they download anything that they might get via email or otherwise. Doing so might only help hackers with launching more attacks. Anyone who gets contacted by the hackers shouldn’t reply, but instead, contact the police.

This hacking group has become quite infamous lately, and if Tsar Team isn’t the name you know them by, they are also called APT28 and Fancy Bear. The group that hacked this hospital could be the real Fancy Bear hack team or another one that simply adopted the name Tsar Team as part of covering their tracks.