The BlackCat cyber crime syndicate, also known as ALPHV, has issued a threatening announcement regarding the release of sensitive patient images purportedly stolen from a Beverly Hills plastic surgery clinic. The controversial statement was published on the dark web on Wednesday, where the group claimed to have amassed a wealth of Personally Identifiable Information (PII) and Protected Health Information (PHI) from Beverly Hills Plastic Surgery, Inc. (BHPS).
The ransomware group’s statement reads, “We possess substantial PII and PHI, including numerous patient images that they would prefer to remain confidential. It would be beneficial for you to make contact before we publicise all data. If no contact is established, anticipate a leak.” Traditionally, ransomware groups would lock victims out of their systems by encrypting their files, with the decryption key only provided upon payment of a ransom. However, the contemporary trend shows an alarming shift in tactics: cyber criminals are now stealing files and threatening public release if their ransom demands are not met. Cyber security specialists believe that this could be due to the increase in businesses using comprehensive backup solutions or implementing services such as immutable backups.
Attempts by the news outlet “The Daily Dot” to contact BHPS regarding the allegations were unsuccessful; calls made to both the BHPS office and a clinic doctor were met by answering machines. Given the clinic’s high-profile location, there is speculation that BlackCat may have obtained images of some celebrities or high-profile names. This incident is not the first case of medical establishments being targeted by ransomware groups. A similar occurrence in late 2020 saw the cyber crime gang REvil successfully breach The Hospital Group, a prominent cosmetic surgery company in the UK, and similarly threaten to release patient images.
Brett Callow, a cyber threat analyst, expressed concerns regarding the escalating threat from ransomware gangs targeting hospitals and other medical information. He emphasised that healthcare providers must implement adequate security mechanisms to safeguard not only patients but also themselves from risk and the potential financial implications of breach-related class action lawsuits. Callow added that patients should be worried about what ALPHV might do with the photos. If they were to be posted online, they could be accessed and potentially misused by third parties, which could include attempts to extort money from the patients themselves.
This alleged attack by ALPHV is their latest offence, following a recent claim of responsibility for a breach at Reddit. The group has threatened to release internal company data unless Reddit agrees to pay a ransom and reverse its decision to increase prices for API access.
At One2Call we work with businesses across the UK, including healthcare and care home providers, to protect them from the ever-evolving cyber security threat landscape, using tools such as Endpoint Detection & Response, which uses Artificial Intelligence and Machine Learning to monitor and block unusual, suspicious or malicious activity on your business endpoint devices. If you would like to find out more about our Cyber Security solutions and how we can build a comprehensive solution that can protect your business from ransomware attacks that could have potentially devastating effects on your business or clients with the leak of sensitive data, click the link below to download our FREE Cyber Security Self Assessment form and speak with one of our Cyber Security specialists.