Now BlackCat extortionists threaten to leak stolen plastic surgery pics

Sharing a cancer patient's nude snaps earlier wasn't enough for these scumbags


Ransomware gang BlackCat claims it infected a plastic surgery center, stole "lots" of highly sensitive medical records, and has vowed to leak patients' photos if the clinic doesn't pay up.

The notorious extortion crew, aka AlphaV, on Wednesday added Beverly Hills Plastic Surgery to its list of compromised organizations, and bragged about swiping people's personal information and healthcare records, "including a lot of pictures of patients that they woud [sic] not want out there."

The note continued: "Leak to follow if no contact made."

Beverly Hills Plastic Surgery did not immediately respond to The Register's inquiries. We will update this story if and when we hear back from the California clinic.

The ransomware-as-a-service group's affiliates have been especially active lately, threatening to leak stolen Reddit data from a February intrusion and also posting sensitive information belonging to Australian federal agencies and banks after breaching law firm HWL Ebsworth earlier this year.

While threatening to make public before-and-after photos of nose jobs — and presumably more NSFW surgical enhancement pictures — is especially repulsive, even for criminals, it's not as original as it seems.

As Emsisoft Threat Analyst Brett Callow, who posted a screenshot of the miscreants' leak threat, pointed out: "This is not the first time a ransomware operation has threatened to release photos of cosmetic surgery photos."

REvil did it back in 2020 after breaching The Hospital Group, which claims to be the UK's top weight loss and cosmetic surgery group.

More recently, other extortionists have become more personal in their threats, especially as they increasingly target hospitals and other healthcare organizations entrusted with protecting very sensitive and private information.

In February, BlackCat broke into an American healthcare provider — Lehigh Valley Health Network (LVHN) — and stole images of patients undergoing radiation oncology treatment along with other health records belonging to more than 75,000 people before posting at least some of that data online.

A cancer patient whose nude medical photos and records were shared sued LVHN for allowing the "preventable" and "seriously damaging" leak.

If the gang's latest claims turn out to be true, and BlackCat did steal patient photos and protected health info belonging to Beverly Hills Plastic Surgery's clients, we'd expect to see similar lawsuits in the near future. ®
