Hackers published more than 25,000 plastic surgery photos, Passport and credit card details from patients of a Lithuanian cosmetic surgery clinic. Hundreds of photos, including nude pictures, from the clinic were published in March while the rest of the database was published on Tuesday.
A hacking group called Tsar Team was behind this theft. They broke into the servers of the Grozio Chirurgija clinic earlier this year and demanded ransoms from the clinic’s clients in more than 60 countries around the world, including the UK.
More than 1,500 British patients are listed in the database. Hackers demanded ransom payments of between €50 and €2,000, paid in bitcoin, depending on the sensitivity of the data stolen – with nude photos, passport scans and national insurance numbers all serving to bump up the ransom requested.
Hackers Warned that,
If they do not comply, they risk having nude images, passport copies, social security numbers and other data made public.
Jonas Staikunas (Director of Grozio Chirurgija) said :
“Clients, of course, are in shock. Once again, I would like to apologise. Cybercriminals are blackmailers. They are blackmailing our clients with inappropriate text messages.”
Andzejus Raginskis (Lithuanian Criminal Police Bureau’s Deputy Chief) said:
“It’s extortion. We’re talking about a serious crime”
Investigators are now working with security services in other European countries and have warned that people who download and store the stolen data could also be prosecuted.