Hackers demand $10 million ransom after wiping patient data

Graham Cluley
@gcluley

According to media reports, hackers broke into a Virginia government website, stealing the details of almost 8.3 million patients, and threatening to auction them to the highest bidder if a $10 million ransom isn’t paid.

The hackers’ ransom note was left on the home page of the Virginia Prescription Monitoring Program last week, which helps pharmacists track prescription drug abuse.

Whether this is a real data breach or not is open to some question – and it’s possible that the message amounts of little more than juvenile website defacement. Certainly, the claims that the backups have also been wiped appear a little far-fetched as surely they would be stored securely at an off-site facility?

Nevertheless, the website in question appears to have been down since the incident was first reported, and according to an official statement…

Read more in my article on the Naked Security website.

Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.


Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.