Ransomware Group Threatens To Release Hospital Patient Photos

security, hacking

Hacking group REvil threatens to release 900GB of before-and-after photos of cosmetic surgery patients unless ransom is paid

Hackers have threatened to release before-and-after patient photos stolen from a prominent UK hospital chain specialising in cosmetic surgery and weight loss.

The Hospital Group, also known as the Transform Hospital Group, confirmed it had been hit by a ransomware attack.

“We can confirm that our IT systems have been subject to a  data security breach,” the group said in a statement provided to the BBC.

“None of our patients’ payment card details have been compromised but at this stage, we understand that some of our patients’ personal data may have been accessed.”

security and privacy dataData theft

The groups aid it has informed the Information Commissioner’s Office (ICO) of the incident.

Hacking group REvil, known for a May hack of celebrity law firm Grubman Shire Meiselas & Sacks, as well as strikes on other prominent targets, claimed responsibility for the incident on a dark web site.

The the “intimate photos of customers” were “not a completely pleasant sight” the group said, claiming it had stolen 900 gigabytes of patient photographs.

In May the REvil group, also known as Sodinokibi, demanded $42 million (£31m) from New York-based GSMS after claiming it had compromised the company’s IT systems and stolen 756 gigabytes on A-list celebrities.

GSMS’ list of clients includes well-known figures such as Lady Gaga, Madonna, Mariah Carey, U2, Bruce Springsteen, Priyanka Chopra and Bette Midler.

High stakes

The group was also behind a ransomware attack on foreign currency seller Travelex on New Year’s Eve, 2019, that crippled the company’s services.

In recent months hacking groups such as REvil, which is believed to be based in Russia, have increasingly turned to targeted attacks on high-profile targets.

The groups’ malware locks their targets’ systems, rendering them useless without the payment of a  ransom.

In addition, ransomware groups have recently begun stealing customers’ data and threatening to release it to force companies to pay.

Law enforcement authorities discourage payment, saying it fuels criminals’ activities and doesn’t guarantee the systems will be restored.