BreachExchange mailing list archives
Hackers steal physio clinic files
From: Erica Absetz <erica () riskbasedsecurity com>
Date: Wed, 15 May 2013 11:20:56 -0400
http://www.goldcoast.com.au/article/2013/05/15/451894_crime-and-court-news.html A MERMAID Waters physiotherapy clinic is the second medical practice on the Gold Coast to be held to ransom by an international hacker demanding $5000 to unlock patient files. The scam, which has affected businesses across the country, put more than 8000 patient files at risk at the busy Q Super Centre practice on Monday. Back in Motion Physiotherapy owner Brad Beer said the files were "missing" from the computer system for 24 hours, but were quickly retrieved by support staff. "We have secured all patient files prior to Friday, May 10," he said yesterday. "It is only new files created in the past four days that are still locked, but we are confident we will have those secured within 24 hours." Mr Beer said the scam had already cost tens of thousands in lost business and IT support. "On Monday morning a pop-up message appeared on our computers demanding $US5000 be deposited into an account to reactivate our files and system," he said. "We have had IT working on it for 48 hours and still only have limited operations available. "We were lucky to be able to retrieve most of the lost or locked files, but one week is still missing and I don't know if we will be able to find it." In December the Miami Family Medical Centre was hit by a similar scam. Mr Beer warned other businesses to be vigilant and ensure all company information and patient files were backed up. "If we didn't have such a good back-up system we would have been in serious trouble," he said. "We have communicated with our patients the best we could during this process and are lucky they have been understanding." The ransom scam began affecting businesses on the east coast last year, prompting the Australian Federal Police to investigate. They have linked some scams to Russia, Europe and America. A small coastal school at Byron Bay was also held to ransom late last year, with hackers encrypting its files and also demanding $5000. A SCAMwatch spokesman has warned business owners to never pay the ransom. "Do not let a scammer ransom you -- if you pay you're not guaranteed that you will regain control of your computer and security has already been breached," he said. The AFP and Fraud Investigation Bureau are investigating. _______________________________________________ Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://datalossdb.org/mailing_list Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security equips organizations with security intelligence, risk management services and on-demand security solutions to establish customized risk-based programs to address information security and compliance challenges. Tenable Network Security (http://www.tenable.com/) Tenable Network Security provides a suite of solutions which unify real-time vulnerability, event and compliance monitoring into a single, role-based, interface for administrators, auditors and risk managers to evaluate, communicate and report needed information for effective decision making and systems management.
Current thread:
- Hackers steal physio clinic files Erica Absetz (May 15)