The dark web’s most notorious hackers are at it again.
A hacking group seizes plastic surgery photos and data of clients at a Lithuanian clinic, demanding a Bitcoin ransom in exchange for keeping the photos out of public eye.
After the “WannaCry” ransomware attack launched worldwide through phishing emails, hackers have made their way into the database of a plastic surgery clinic in Lithuania, and threatened to publish photos if victims fail to pay ransom.
In fact, this story is so serious that the clinic refused to part with any ransom when they were first approached by the hacking group.
So, to create more pressure, the hackers chose to release a new set of photos if no ransom is paid.
To describe the whole episode, a hacking group which calls itself the “Tsar Team” managed to hack into the systems of Grozio Chirurgija, a clinic in Lithuania that offers discreet services to clients from many countries.
These services include cosmetic surgery for different treatments and, from the kinds of nude photographs and other images released by the hacking group, it does appear the clients of the clinic would have trusted them to keep their data safe.
Beyond just photographs of people, the stolen data also included scanned images of passports, insurance details and so on.
It could prove to be very damaging for these individuals in their own place of living if these images are released to the public.
The Bitcoin ransom demanded by the hacking group was worth around £500,000 but now they have tried to scale it down to £100,000, payable only in Bitcoin.
People from Many Countries Affected
The 25,000 photos released by the rogue hacking group belong to people from 60 different countries.
The U.K., Germany, Norway and Denmark are some of these countries. About 1,500 of those affected could be from Britain.
The Lithuanian criminal police have registered this event as a cyber crime and are investigating it.
The clinic’s management has resisted any attempt to pay up the ransom and has apologized to clients for the loss of their personal information.
They have also requested the clients not to get into any direct dealings with the hacking team or pay up any Bitcoin ransom amount.
They have termed this outright blackmail and no one should succumb to it.
For their part, the police say they are working closely with law enforcement departments in some of the European countries to trace the culprits.
Cybersecurity a Serious Issue in Lithuania
There are reports that there is a general weakness in computer systems used by most businesses in this country.
The most vulnerable amongst them are clinics like Grozio Chirurgija, as well as travel agencies and the likes.
Perhaps hacking into these agencies’ servers is much easier, and stolen data would also be very valuable to cyber criminals.
Since these places are heavily frequented by foreign travelers, hacking gives these criminals the lever to demand huge ransoms.
In this particular hacking case, for example, out of the 25,000 photos released, there are nude photographs and many confidential images the clients would not want the clinic to ever make public.
Someone could be a celebrity at home and getting a facelift or a breast lift done discreetly in distant Lithuania, and if made public, it could cause serious damage to their personal reputation.
With all of this in mind, hacking groups dare to attempt such break-ins.
Do These Hackers Have Links to Other Groups?
There is also speculation on the identity of the group involved in this Lithuania cosmetic surgery clinic hack.
The Tsar Team hacking group is connected to APT 28 or “Fancy Bear.”
All these names seem to be of the same set of hackers, also associated with the hot Democratic National Committee hack during the 2016 U.S. Presidential election as well as the hacking of the Konrad Adenauer Foundation.
But then the very same experts cannot confirm that the Lithuanian hacking was done by the same group or by some other rogue elements using their name.
Whatever be the identity of these hackers, it does raise the serious question of how organizations are indifferent to this threat of cybersecurity.
They might be spending millions of dollars or euros in setting up their servers and systems and investing in the software to run them, but they fail to create those strong firewalls that can deter these professional hacking groups.
It may not be feasible to completely eliminate a hacking threat, but at least the percentage of possibility for hackers to make an illegal entry can be reduced by a great extent.