HACKERS HAVE PUBLISHED more than 25,000 nude images, along with other personal data, belonging to patients of a Lithuanian cosmetic surgery clinic.
It's not quite the WannaCry attack that struck the NHS earlier this month, but the 'Tsar Team' hacking group - better known as APT28 or Fancy Bear - is demanding ransoms from clients of the Grozio Chirurgija clinic after breaking into its servers earlier this year.
The Guardian reports that more than 1,500 British patients are listed in the hacked database, with data including nude photos, credit card details, passport scans and national insurance numbers now searchable on the Dark Web.
A number of celebrities have also been caught up in the hack, along with other clients of the clinic from 60 other countries, according to reports. It is unclear how many patients have been affected in total, but police say "dozens" have come forward to report being blackmailed.
The self-styled Tsar Team is demanding payments of between €50 and €2,000 to be paid in bitcoin to remove individuals' data. The hackers initially offered the entire database up for sale for 300 bitcoin - currently worth more than half a million pounds - but the clinic refused to pay. The price for the full database has since been reduced to 50 bitcoin, or around £100,000.
"Clients, of course, are in shock," said Jonas Staikunas, Grozio Chirurgija director, who refused to pay the initial ransom demand.
"I would like to apologise. Cybercriminals are blackmailers. They are blackmailing our clients with inappropriate text messages," Staikunas added.
On its website, the clinic is warning clients not to open or download any messages received from the blackmailers or unknown contacts, and is urging anyone caught up in the hack to provide their experience to the police. It notes that it has to have enlisted cybersecurity experts and law enforcement to investigate further. µ
We'll soon have EUV to thank for smaller chips and better phones
Just two years after he co-founded the non-profit AI safety group
Firm claims devices will allow 'untethered VR from anywhere in the world'
The file-sharing web and desktop clients could have shared a little too much