Hackers claim Virginia patient data breach in ransom
Wednesday, May 6, 2009
Hackers claiming to have breached the data security of 8.3 million patient records from the Virginia Prescription Monitoring Program (VPMP) website are demanding $10 million in ransom to release the information.
Wikileaks published a copy of the ransom note left by the hackers on the website, which is used by pharmacists to follow incidents of drug abuse.
The note said the intruders possessed 8.3 million patient records and 35.6 million prescriptions and claimed to have deleted the backup files.
"In my possession, right now, are 8,257,378 patient records and a total of 35,548,087 prescriptions," the note said.
"Also, I made an encrypted backup and deleted the original. Unfortunately for Virginia, their backups seem to have gone missing, too. Uhoh :( For $10 million, I will gladly send along the password," the note said.
The FBI and Virginia State Police are investigating the potential breach, according to the Washington Examiner.
Officials at the Department of Health Professions, which oversees the program, did not answer reporters' inquiries Tuesday.
Sans Internet Storm Center's blog noted that any decent backup system will only allow the backup administrator to delete the backups. 
Related News:
ChoicePoint hit by $275K fine for 2008 data security breach - 10.21.2009
ChoicePoint, a large data broker subsidiary of Reed Elsevier, has been ordered to pay a $275,000 fine by the U.S. Federal Trade Commission, over a data breach in 2008 that exposed the private data of more than 13,000 customers.
TJX settles another class action over data breach - 9.4.2009
TJX Companies yesterday announced a settlement agreement that will result in the dismissal of a class action initiated by financial institutions as a result of the data breach of TJX's network security during 2005 and 2006 that exposed approximately 40 million credit card numbers.
Radisson data breach exposed credit card numbers - 8.20.2009
Between November 2008 and May 2009, hackers infiltrated the network security of computer systems at some Radisson hotels in the U.S. and Canada and accessed customer names and credit card numbers, the hotel chain disclosed Wednesday.
Feds indict TJX hacker for data theft in Heartland breach - 8.17.2009
Federal prosecutors on Monday indicted a Miami man in connection with the biggest credit card data breach on record - the theft of 130 million card numbers from Heartland Payment Systems - along with two other high-profile hacks.
Identity theft warnings issued to 13,000 after LexisNexis data breach - 7.16.2009
Two data breaches involving a subsidiary of LexisNexis have exposed the personal information of more than 13,000 consumers, leaving them vulnerable to identity theft and fraud.
|
