Government Technology

Cyber-Criminal Demands $10 Million Ransom After Breaching Virginia Medical Records



May 7, 2009 By

The FBI and the Virginia State Police are on the hunt for a malicious hacker who breached millions of medical records last week and is now threatening to sell them unless someone forks over $10 million.

The breach was originally reported on WikiLeaks, a site that publishes and comments on reports of leaked documents. According to the site, when people logged on to the Web site of the Virginia Prescription Monitoring Program on April 30, they saw a ransom note containing the following information:

"I have your s@*t! In *my* possession, right now, are 8,257,378 patient records and a total of 35,548,087 prescriptions. Also, I made an encrypted backup and deleted the original. Unfortunately for Virginia, their backups seem to have gone missing, too. Uhoh :(

"For $10 million, I will gladly send along the password. You have 7 days to decide. If by the end of 7 days, you decide not to pony up, I'll go ahead and put this baby out on the market and accept the highest bid."

The note's author threatened to sell the information to the highest bidder if the money isn't turned over.

Thursday was the purported deadline for the ransom.

Virginia Gov. Tim Kaine Infuriated

The Virginia Prescription Monitoring Program Web site, which pharmacists use to track drug prescriptions to monitor narcotics abuse, is currently offline while authorities investigate the problem, the Daily Mail reported Thursday.

ABC 7 News also reported Thursday that Virginia Gov. Tim Kaine told The Associated Press that he was infuriated by the acts and that the state won't make the payments.

Health officials called the FBI after viewing the ransom demand on the Web site last week.

If more than 8 million patient records are up for grabs, this could be a spectacularly huge problem for most of Virginia's residents. According to the U.S. Census Bureau, Virginia was home to 7.8 million people in 2008.

Sandra Whitley Ryals, director of the Virginia Department of Health Professions, told the Daily Mail that her department is satisfied that all the data was properly backed up.

 


| More

Comments

Add Your Comment

You are solely responsible for the content of your comments. We reserve the right to remove comments that are considered profane, vulgar, obscene, factually inaccurate, off-topic, or considered a personal attack.

In Our Library

White Papers | Exclusives Reports | Webinar Archives | Best Practices and Case Studies
McAfee Enterprise Security Manager and Threat Intelligence Exchange
As a part of the Intel® Security product offering, McAfee® Enterprise Security Manager and McAfee Threat Intelligence Exchange work together to provide organizations with exactly what they need to fight advanced threats. You get the situational awareness, actionable intelligence, and instantaneous speed to immediately identify, respond to, and proactively neutralize threats in just milliseconds.
Better security. Better government.
Powering security at all levels of government with simpler, more connected IT.
Cybersecurity in an "All-IP World" Are You Prepared?
In a recent survey conducted by Public CIO, over 125 respondents shared how they protect their environments from cyber threats and the challenges they see in an all-IP world. Read how your cybersecurity strategies and attitudes compare with your peers.
View All

Featured Papers