A notorious ransomware gang is threatening to release “pictures of patients” it claims it hacked from a plastic surgery clinic in Beverly Hills, California.
On Wednesday, the cybercrime group ALPHV, commonly referred to as BlackCat, shared a post on the dark web alleging that it had stolen Personally Identifiable Information (PII) and Protected Health Information (PHI) from Beverly Hills Plastic Surgery, Inc. (BHPS).
“We have lots of PII and PHI, including a lot of pictures of patients that they woud [sic] not want out there,” the group wrote. “It be in your best interest to reach out before we release all data. Leak to follow if no contact made.”
Traditionally, ransomware groups locked victims out of their computers by encrypting their files. Unless a ransom was paid, the key to unlock the files would not be provided. However, cybercriminals are increasingly stealing files and threatening to release them to the public if the ransom demands are not met.
The Daily Dot attempted to reach out to BHPS to inquire about ALPHV’s claims but the company’s website was unavailable, although examination of the Internet Archive shows that the website was still available as of March 20. Phone calls to both the office of BHPS as well as one of the clinic’s doctors were met by answering machines.
Given the location of the clinic, BlackCat appears to be boasting it obtained pictures of celebrities.
The incident is not the first time that such a medical establishment has been targeted by a ransomware group. Back in late 2020, the cybercrime gang REvil successfully breached The Hospital Group, a leading cosmetic surgery company in the U.K., and likewise threatened to release photos of patients.
Speaking with the Daily Dot, Brett Callow, a threat analyst with the cybersecurity firm Emsisoft, warned of the growing threat from ransomware gangs that target medical information.
“This is not the first time a ransomware gang has attempted to weaponize patients’ photos, and it will not be the last,” Callow said. “In one case, a gang even attempted to leverage photos of a breast cancer patient which had been exfiltrated from a hospital.”
Callow further stressed that healthcare providers must put appropriate security mechanisms in place to not only protect patients but themselves from “costly breach-related class action lawsuits.”
“It’s not only what ALPHV may do with the photos that patients need to be concerned about. If they do end up online, they could be accessed and potentially misused by third parties—and that misuse could include attempts to extort money from the patients themselves,” Callow added.
The alleged attack is just the latest from ALPHV, who just days ago claimed responsibility for breaching Reddit. ALPHV has since threatened to release internal data from the company unless it not only agrees to pay a ransom but reverse its plans to increase prices for API access.
Sign up to receive the Daily Dot’s Internet Insider newsletter for urgent news from the frontline of online.
Source: https://www.dailydot.com/debug/beverly-hill-plastic-surgery-hack-alphv-blackcat-ransomware-pictures/