The nude photo hackers have struck again! Four months after a leading Lithuanian cosmetic surgery clinic was hacked with more than 25,000 private photos stolen, the hackers have struck once more. Only this time the business which has been attacked is closer to home, in London.
The high profile London Bridge Plastic Surgery has become the latest victim of cyber criminals with several terabytes of data stolen from their system. The lost data once again includes close up explicit photos of patients undergoing surgery.
In the Lithuanian case, a hacking group known as the Tsar Team published some of the photos to the dark web after the clinic refused to pay a ransom demand of more than half a million pounds. The hackers also approached surgery clients directly to extract money from them.
This time a criminal group calling themselves the Dark Overlord have gone directly to the Daily Beast online news site with photos, claiming that these include celebrities and even members of royal families. The next step by the group will no doubt be to try to blackmail some of these patients into handing over money in return for their private photographs.
The Metropolitan Police are investigating the data breach, as are the Information Commissioner’s Office. The ICO has issued a stern warning that all organisations are required by data protection law to keep personal data safe and secure. The data stolen in this breach would certainly qualify as sensitive personally identifiable information under the Data Protection Act.
How did the hackers get access to the data? Well, the Dark Overlord group used an e-mail account from the London Bridge Plastic Surgery clinic to contact a journalist at the Daily Beast, so they have clearly managed to hack into the e-mail network of the clinic. The most common method to do this is to use a phishing e-mail scam to gain authentication credentials from a network user.
There are two routes that businesses can take to mitigate the threat of such an attack. The first is to educate their employees to beware of phishing e-mails and not be tricked by them. This is a valuable exercise, but is far from foolproof. It only takes only one negligent action by a single employee and the damage is done.
The second route is for the business to take proactive action to test the security of their systems and put in place monitoring software that will identify suspicious activity on the IT network, alert system administrators and automatically shut down access to affected users or databases. Standard anti-virus monitoring software will not provide all of these actions and is dependent on all users implementing it consistently.
Here at Transputec we offer Cyber-Security-as-a-Service. This starts with a comprehensive health check of your network to identify any existing issues or weaknesses, followed by an action plan to mitigate these vulnerabilities. After this work has been done, we will put in place leading edge monitoring tools to ensure that any future suspicious activity is immediately identified and addressed before a damaging data breach can take place.
After the Lithuanian attack we reached out to some leading UK cosmetic surgery practices, but their response was that this was not something they were concerned about. Perhaps this new attack, closer to home, might cause them to have a rethink. I hope so.
Sonny Sehgal
Head of Cyber Security
Tags: #Cyber Security
