02 Junio 2017 16:44
We all have that sense of ‘this is a bit risky’ before sending someone a spicy photo. There are countless ways that these, supposedly intimate, photos could end up winging their way around the vastness of the Internet. It could be that your nearest and dearest puts them into circulation after you split up, their mobile gets lost or stolen, they mistakenly show them to a ‘trustworthy’ friend, or their account is hacked from the other side of the world.
Before clicking ‘send’, you always know there’s a chance someone else will see those photos, just as when you tell someone a secret, you’re banking on your confidant keeping schtum. But that fear should, under no circumstances, be something you feel when the confidant in question is your doctor.
But, in the 21st century, our intimacy is never safe, not even in the theoretically secure confines of a medical clinic: 25,000 private photos and other confidential patient material held at a Lithuanian cosmetic surgery clinic were leaked by hackers on Tuesday, according to police.
Among the documents are nude photos, scanned passports and social security numbers. The hacker group known as Tsar Team managed to break into the servers of the Crozio Chirugija clinic at the beginning of the year, and stole information belonging to its clients from more than 60 countries around the world.
They first tried to blackmail the clinic directly, demanding 300 bitcoins, which are now worth roughly 600,000 euros. When they realised they weren’t going to have their way, they repeatedly lowered their price until finally arriving at 50 bitcoins, around 100,000 euros.
They then decided to approach patients from the database directly, demanding ransoms of between 50 and 2,000 euros, depending on the sensitivity of the stolen material.
‘Clients, of course, are in shock. Once again, I would like to apologise,’ Jonas Staikunas, the director of Grozio Chirurgija, told local media. ‘These cybercriminals are blackmailers. They are blackmailing our clients with inappropriate text messages.’
It is not known how many clients have been affected, but according to the police, dozens of them have reported being blackmailed. ‘It’s extortion. We’re talking about a serious crime,’ Lithuania’s deputy police chief, Andzejus Raginskis, told reporters.
The clinic has warned patients not to engage with the blackmailers or download anything sent to them, to prevent further attacks.
The Lithuanian police force is now working with other countries and has warned the population that anyone found downloading and storing the stolen material on their devices would have to deal with the police.