Maze Hacks Two Plastic Surgery Studios With Ransomware
Maze Hacks Two Plastic Surgery Studios With Ransomware
May 7, 2020
Maze Hacks Two Plastic Surgery Studios With Ransomware
Maze Hacks Two Plastic Surgery Studios With Ransomware
May 7, 2020

Maze, a cybercrime group, has hacked two plastic surgery studios with ransomware, as they consequently leaked patient’s social security numbers and other sensitive information on the Internet.

On May 5, it has been reported that Brett Callow, the threat analyst of Emsisoft, has said that Maze recently took credit for hacking a plastic surgeon named Kristin Tarbet. They also claim to have hacked the Ashville Plastic Surgery Institute.

However, he explained that in Tarbet’s case, the hackers have already leaked highly sensitive data.

He added:

“The data that has been posted included names, addresses, social security numbers as well as what appears to be before and after photos and photos taken during surgical procedures. The Maze group typically start by posting only a small amount of the data that was exfiltrated — it’s the equivalent of a kidnapper sending a pinky finger — so they may well have more data than has already been published.”

Callow explained that many ransomware incidents are caused by basic security failings, which include easy-to-crack credentials or unpatched remote access systems.

ALSO READ :  Researchers Encourage Regulators To Look Beyond Bitcoin When It Comes To Considering The Environmental Impact Of Crypto Mining

He said:

“Organizations should focus more on cybersecurity since Maze uses a combination of strategies in order to gain access to networks including [Remote Desktop Protocol] exploitation, phishing, and spear-phishing.”

It has been analyzed that when it comes to the ransom requested by the hackers, he said that it cannot be known, but past attacks could serve as a guide.

Callow explained:

“Only the criminals and the plastic surgeon will know the amount of the demand. In a previous case, Maze claimed their demand was $2 million: $1 million to decrypt the victim’s data and an additional $1 million to destroy the copy of it.”

Similarly, when it comes to the Ashville Plastic Surgery Institute, the published data includes patient names, dates of birth, insurance details, patients’ implant order forms, before and after photos, and Internal documents like income statements.

ALSO READ :  EY Launches New Solution For Investigating On-Chain Data Including Bitcoin Transactions

He stated:

“This data dump is simply an initial warning shot. Should the company not pay, more data may be published.”

Also, Callow said that this is not the first time that the group has attacked two targets in the same industry. Maze’s victims often reside in the same geographic location or operate in the same industry.

However, Maze claimed that there is a reason behind those instances in a statement by saying:

“We don’t need to use phishing attacks and slowly move from one target to another as we have the access to the hosting provider.”

Thus, Ransomware groups have started threatening to leak victim’s sensitive information if they are not paid. 

Source: Cointelegraph | Image: Fifth Domain


Disclaimer

Crypto News Point a news platform of Digital Notice Media Labs is primarily a regular publication of information, commentary and articles focused extensively on fintech, blockchain technology, cryptocurrency, blockchain-based tokens, cryptocurrency market trends, and trading strategies. We do not provide individually tailored investment advice and does not take a subscriber’s or anyone’s circumstances into consideration when discussing investments, nor is Crypto News Point registered as an investment adviser or broker-dealer in any jurisdiction. Information contained herein is not an offer or solicitation to buy, hold, or sell any digital assets.

Affiliate Disclosure: To help support the work we do here at CNP, we often link to products and deals from around the web. Should you buy some of these, we may get a portion of the sale.

We in generally gather content from the major websites. In every article there is always a clear link and attribution to the source publication. If you have any issue with any of our published content taken from your site, kindly let us know so that we can take appropriate action. In any case, the content of the pages of this website is for your general information and use only. It is subject to change without notice.

You May Also like

Colombian Stock Exchange Joins Consorcio Colibrí

Colombian Stock Exchange Joins Consorcio Colibrí

The Colombian Stock Exchange (CSE) has announced that it is joining the Consorcio Colibrí, a private initiative that promotes the adoption of blockchain technology within the finance industry. It has been reported that...

Ishita Bora

Ishita Bora is a Senior Content Creator at Digital Notice Media Labs with an experience of 1 year. She has completed her Master's Degree in Language and Linguistics in 2019 from Gauhati University, India. Her interest lies in blockchain technology and cryptocurrency space, as she loves writing about blockchain and other blockchain-related articles. Currently, she is working on blockchain-based news, reviews, featured articles, and guides.