[BreachExchange] Hackers Threaten Release of Atlanta Professional Athletes’ Medical Data

Wed Nov 16 20:09:32 EST 2016

http://motherboard.vice.com/en_au/read/hackers-threaten-release-of-atlanta-
professional-athletes-medical-data

A group of hackers is continuing its extortion campaign against US medical
centers and organizations. Peachtree Orthopaedic Clinic, based in Atlanta,
Georgia, announced the theft of names, dates of birth, addresses,
prescription records and social security numbers back in October.

Over a month later, the hackers behind the attack, The Dark Overlord, are
seemingly annoyed that they have not received their demanded ransom
payment, and are threatening to release the alleged personal information of
several high profile sports stars.

The CEO of the clinic allegedly “fooled us and made us believe he was going
to pay us 83 BTC ($60,500),” someone from The Dark Overlord told
Motherboard in an online chat. They claimed to have stolen 543,000 records
in all.

The group has attempted to extort several medical organizations this year.
In general, The Dark Overlord hacks a target, steals its data, and then
demands payment in exchange for not releasing the data publicly.

In some cases, The Dark Overlord has gone on to list data on the dark web
in order to intimidate the victims further. Even approaching the media with
details on each hack is part of a calculated attempt to pressure affected
organizations into paying up.

According to the group, the hacked Peachtree data includes records on a
number of sports stars. These individuals, who Motherboard has decided not
to publicly name, did not respond to a request for comment.

The Dark Overlord indicated they planned to release the alleged records of
a handful of these athletes.

“We will continue to release more sensitive medical records until our
demands are met,” the group writes in an as-of-yet unreleased announcement.

“Michael Butler, CEO of Peachtree Orthopedics, explained to us on
Wednesday, 21st of September that his insurance would be able to provide an
83 BTC ($60,500) down-payment towards our demand. As we have not received
this promised down-payment we will be gradually following through with each
and every threat made,” the announcement adds.

A representative from Peachtree would not talk on the record about the
incident, but provided Motherboard with the clinic's previous statement.

“Patient care is at the center of our mission and we take seriously the
confidentiality of the information we hold. Our investigation is in its
early stages, but we felt it was important to communicate what we know at
this time,” Butler said in the statement.

“We regret any anxiety or frustration that this causes our patients and are
committed to supporting them,” he continued. Local media reports from the
time of the original announcement said that some affected patients had
received letters from Peachtree.

An active FBI investigation is underway into the incident.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20161116/3267c509/attachment.html>