In today’s digital world, some information can’t be nipped and tucked. A London-based plastic surgery clinic recently announced that a hacking group stole several terabytes of client images. The Daily Beast reports that the hackers, known as the Dark Overlord, stole photos of in-progress procedures from London Bridge Plastic Surgery.
“We can confirm that the Clinic has been the victim of a cyber attack. We took measures to block the attack immediately in order to protect patient information and we informed the Metropolitan Police who launched an investigation,” the clinic said in a statement to The Daily Beast. “Regrettably, following investigations by our IT experts and the police, we believe that our security was breached and that data has been stolen. We are still working to establish exactly what data has been compromised.”
According to The Daily Beast the clinic performs procedures on high profile and celebrity clients. While 82% of Botox patients see improvement within a week of treatment, it’s likely that none of them expect to see their photos online. Local police are investigating the incident, but they have not made any arrests yet. The photos are yet to be released, but The Dark Overlord threatened to do so.
“We’re going to pitch it all up for everyone to nab. The entire patient list with corresponding photos. The world has never seen a medical dump of a plastic surgeon to such degree,” The Dark Overlord said in a statement to The Daily Beast.
The Daily Beast reports that this breach is typical of The Dark Overlord. They have a history of hacking medical centers and operate by threatening to post sensitive information if the victim does not pay a ransom. They also use the press to further this pressure. In this case, the images are highly sensitive, showing bodies and faces post-operation.
In the wake of the Equifax hack the international spotlight has been on cybersecurity for firms of all sizes. Slatereports that this hack brings up the importance of medical cybersecurity and the question of what measures clinics should take to truly protect patient information. While 65% of IT equipment failures inadequate, poorly maintained or faulty server room air conditioning, data breaches are more complicated than this.
As for the team at London Bridge Plastic Surgery, they are working to clean up the pieces of this attack, ensuring clients of their concern.
“Security and patient confidentiality has always been of the utmost importance to us,” they said in a statement to The Daily Beast. “We invest in market-leading technology to keep our data secure and our systems are updated daily. We are deeply saddened that our security has been breached. We are profoundly sorry for any distress this data breach may cause our patients and our team are available around the clock to speak to anyone who has any concerns by calling 0203 858 0664.”