Hackers threaten to leak plastic surgery pictures

Hackers have stolen the data of a major cosmetic surgery chain, threatening to
publish patients' before and after images and other personal information. The
ransomware attack has been verified by The Hospital Group, which has a long list of
celebrity endorsements. It claimed that the violation had been reported to the
Information Commissioner. REvil, a darknet hacker organization, said the "intimate
images of consumers" were "not a truly friendly sight" on its darknet webpage. It
reported to have amassed over 900 gigabytes of patient images. The Transform
Hospital Group, which is part of the Hospital Group, claims to be the UK's largest
specialist weight loss and plastic surgery group. It has 11 clinics dedicated to bariatric
weight loss surgery, breast augmentations, nipple corrections, and nose reshaping.
While it has not done so in many years, the organization has historically marketed itself
through celebrity endorsements. Aisleyne Horgan-Wallace, a former Big Brother
contestant, told Zoo magazine about her breast augmentation operation with The
Hospital Community in 2009. Kerry Katona of Atomic Kitten, Tina Malone of Shameless,
and Joey Essex of The Only Way is Essex are just a few of the celebrities who have
supported the clinic.
In a statement, the Hospital Group said: "We can confirm that a data security
violation occurred on our IT systems. While none of our patients' payment card
information has been compromised, we believe that some of their personal information
has been obtained." The company said it had notified all of its customers about the
cyber-attack and that anyone who may have had more personal information stolen
would be contacted. Many before and after videos, it's understood, would not show the
patients' faces. One customer told the BBC that he was concerned about his photos and
data falling into the hands of the hackers. He informed the BBC that he received an
email from The Hospital Group informing him of a "data security incident," but he had no
idea what had been compromised. "I'm obviously concerned because the last thing I
want is a slew of "before" photos strewn around the internet. I've managed to keep my
surgery a secret, with just a few friends and family knowing about it, so the data breach
concerns me." Ransomware is one of the most common forms of cyber-attack. Before a
ransom is paid, hackers usually gain access to a computer network and encrypt files or
lock users out of their systems. Ransomware gangs have taken a copy of the data and
threatened to leak it recently. Victims are prevented from paying the ransom since it
finances criminal enterprises. Emsisoft, a cyber-security firm, predicts that the
burgeoning type of cyber-crime would gain criminals $25 billion (£18 billion) by 2020.

One of the most prolific ransomware classes is REvil, also known as Sodinokibi.
Travelex, a currency exchange, and Grubman Shire Meiselas & Sacks, an
entertainment law firm, are among its high-profile victims.
Tidy, B. J. (2020, December 24). Hackers threaten to leak plastic surgery pictures. BBC
News. https://www.bbc.com/news/technology-55439190

Identify whether the attack is active or passive: Ransomware is considered an

active attack. Ransomware is one of the most active and widespread threats facing
companies of all sizes and sectors today. The word ransomware originally referred to
malware that encrypts files and entire networks, but it has since come to mean a
category of financially motivated attacks that rely on victim extortion.

List your recommendations to prevent the identified attack:

1. Do not open untrusted email attachments
2. Avoid giving out personal data
3. Use mail server content scanning and filtering
4. Keep your software and operating system updated
5. Backup your data