DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

A horrific privacy breach averted, but why did Anonymous remain silent? (UPDATED)

Posted on March 9, 2012 by Dissent

I couldn’t fall asleep last night.  It’s not often that a data breach worries me, but what I read online had concerned me.  According to a hacker calling himself @PabloEscobarSec, he had hacked the British Pregnancy Advisory Service (BPAS), and intended to leak the names of all of the women who had used the service.  He claimed to be doing that to protest abortions:

British Pregnancy Advisory Service was attacked because they kill unborn children that have no rights. It’s murder.

— PabloEscobar (@PabloEscobarSec) March 8, 2012

A few of us tried to convince him otherwise, but got no response. In hindsight, he may not have responded because the police already had him in custody.

And so I stayed awake last night, worrying about the consequences if 50,000 women’s names were dumped on the Internet with the label of having had an abortion.

How many of those women had sought abortions following impregnation due to rape?

How many teenage girls had sought abortion following impregnation due to incest?

How many might be at risk of domestic abuse or violence if it became known they had had an abortion?

I felt sick inside.  Embarrassment and job discrimination are serious enough consequences of a data leak, but this one had the potential for even more serious consequences.

Around 2:00 am ET, the news broke that the hacker had been arrested and was being detained.  I breathed a sigh of relief – for now – and mentally blessed law enforcement for their quick action to prevent a data leak that could have horrific consequences.

But as I read the media coverage and the subsequent statements from BPAS and Scotland Yard, I realized that a data leak of supposed abortion patients was also horribly misleading.  Despite what the hacker had claimed, the database was not a database of  women who had obtained abortions.  It also included the names of women, professionals, and even students who had simply sought information from the service on any one of a number of health-related issues, including contraception and STDs .  So what we might have had are thousands of women being publicly named, shamed, and put at risk for allegedly having abortions when many or even most of them never had one.

Reputations ruined. Lives put at risk.  By a young self-proclaimed “hacktivist” with self-proclaimed ties to Anonymous who doesn’t seem to have understood what data he had acquired and who didn’t demonstrate any ethical regard for what damage a leak could have done. What could a more proficient hacker have accomplished – and what difference would a court injunction make to someone who flaunts the law?

Some hacks are worse than others.

This was one of the bad ones and it could have been much worse.

But where were members of Anonymous yesterday and last night when this guy was posting his intentions?  Why didn’t members of Anonymous speak up and say, “Hey, guy, that’s a really bad idea.”  After all the tweets about International Women’s Day and how Anonymous loves women and we should stay strong and not take sh*t from anyone,  why did Anonymous remain silent in the face of this hack?  And what will it do now to promote more ethical hacktivism?

Update of March 10:  James Jeffery has pleaded guilty to hacking PBAS and in court, claims he had a change of heart about posting the data online and decided it would be “wrong” to do so.  He remains in custody. As of today’s update, the main Anonymous-related Twitter accounts still have not denounced the hack or the intended data dump.  Their thundering silence belies their claims of concern for individuals.

Category: Breach IncidentsCommentaries and AnalysesHackHealth DataNon-U.S.Of Note

Post navigation

← Scottish charity signs ICO undertaking following personal data theft
Theft of location info: Revision of law necessary to protect privacy →

7 thoughts on “A horrific privacy breach averted, but why did Anonymous remain silent? (UPDATED)”

  1. Charles Jennings says:
    March 9, 2012 at 12:15 pm

    What a liberal slant on what is an almost everyday occurrence in the security community. What makes this hack any worse than those that put businesses in such a financial strain that they eventually end up going out-of-business or spending millions of dollars to recuperate? The are all “horrific” for someone. Report the news – not your liberal agenda.

    1. admin says:
      March 9, 2012 at 1:44 pm

      This is a blog, not just a news site.

      Very few businesses go out of business over a hack – some of us have been looking for such examples for years and have only found a handful that were so seriously affected. As to millions of dollars to recuperate, yes, but that’s not as meaningful or significant to me as the human cost/impact. YMMV.

      Do keep in mind that this blog is a spinoff of my privacy issues blog, PogoWasRight.org, and that I am primarily a privacy blogger. I am not a security professional, as I’ve said many times, and the blog post was tagged as “commentary.”

    2. Mike T says:
      March 9, 2012 at 3:41 pm

      This is not a news site, and the article didn’t masquerade as such. It was commentary on how hypocritical it is for an organization that styles itself as giving voice to the voiceless to stand by and allow this to happen. Other attacks, at least on the surface, are trying to raise awareness of an issue that is believed to need it raised. This breach disclosure was squarely and solely intended to silence supporters by invoking the spectre of guilt by association. This moved from an attack on groups, organizations, and ideologies to an attack on individuals.

      Would you lump medical records, prescription history, or substance abuse treatment notes in with brokerage records, video rental history, or grocery shopping purchases as far as risk of embarassment, discrimination, or harm resulting from unauthorized disclosure?

      At the core, it was about how Anonymous’ rhetoric and behavior don’t agree with one another. Not surprising, when an organization claims to simultaneously be everyone and no one. It is the shift to an attack on individuals that may cause Anonymous to lose any popular support they may have had. If this person were truly associated with them, they should take a step back, analyze the behavior, and ask, “Is this good for the company?”

      1. admin says:
        March 9, 2012 at 3:56 pm

        Thanks, Mike. I think you may have said it better than I did.

  2. Mary Branscombe says:
    March 9, 2012 at 3:38 pm

    Coming from the UK, I find the notion that one would be ‘shamed’ for having an abortion pretty mediaeval. I’m sure it happens here and there are some rightwing nutjobs attacking womens rights, including abortion services, but they’re seen as fringe rightwing nutjobs by mainstream society. Yes, the Internet crosses boundaries and all those USanian antiabortionists would pile onto anyone outed like this and yes, such outing would be an appalling invasion of privacy. Yes, it’s a childish abuse of power by someone who has no manners, no empathy and no maturity. But I wanted to give you the viewpoint that to see this as automatically shameful is not the common, mainstream attitude here in Britain.

    1. admin says:
      March 9, 2012 at 3:55 pm

      Glad to hear that, but there are a number of subcultures there where women would be shamed and in danger, perhaps, from family members who may feel that dishonor has been brought on the family, etc.

  3. Adrian says:
    March 14, 2012 at 5:36 am

    I’m against abortion, but as long as it is a legal service, the people using it should have their identities protected if they so wish. This is more a privacy issue than a political one for me.

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Nigerian National Sentenced To More Than Five Years For Hacking, Fraud, And Identity Theft Scheme
  • Data breach of patient info ends in firing of Miami hospital employee
  • Texas DOT investigates breach of crash report records, sends notification letters
  • PowerSchool hacker pleads guilty, released on personal recognizance bond
  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Google: Hackers target Salesforce accounts in data extortion attacks
  • The US Grid Attack Looming on the Horizon

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • California county accused of using drones to spy on residents
  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act
  • 23andMe Bankruptcy Judge Ponders Trump Bill’s Injunction Impact
  • Hell No: The ODNI Wants to Make it Easier for the Government to Buy Your Data Without Warrant

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.