As noted in Part 1, hackers continue to issue ransom demands, but going to the media to put pressure on hacked entities does not seem to have improved their chances of convincing their victims to pay the ransom. In Part 1, I reported on what appears to be a hack of VI Pay, Inc., a payroll…
Tag: “The Dark Overlord”
St. Francis Health System hacked: TheDarkOverlord? (UPDATE)
TheDarkOverlord, who had hacked and attempted to extort a number of medical clinics in May – June, has seemingly reappeared [see UPDATES below this post], and claims to have hacked St. Francis Health System in Oklahoma: Last week, we ransacked the web servers of Saint-Francis, a network of hospitals and clinics located in Tulsa, OK. We…
Prosthetic & Orthotic Care patient info remains publicly exposed
First, a quick update on the Athens Orthopedic Clinic breach: It took two requests, but I’m pleased to report that Pastebin removed three pastes with over 1,350 patients’ information. Those pastes were separate from an earlier paste with an additional 500 patients’ information. News outlets that continue to report that 500 patients’ information was exposed and put up for sale are, to…
Patient info from Missouri clinic hacked by TheDarkOverlord remains online and available. Why?
In a post yesterday, I reported that protected health information and identity information of patients of Athens Orthopedic Clinic that had been leaked online by hackers remained available to anyone who knows where to look for it. Although it’s frustrating and understandably worrying to patients, I give AOC credit that they tried to find the leaks and plug them. I…
Athens Orthopedic Clinic patient data still exposed on leak site
DataBreaches.net discovered today that two copies of a paste (data dump) with over 860 AOC patients’ information is still available online if you know where to look for it. I’m providing a redacted screenshot below so patients can get a sense of what these pastes/leaks look like, although I’ve blacked out most of the street addresses, the…
Athens Orthopedic Clinic incident response leaves patients in the dark and out of pocket for protection
On June 26, after learning that databases with patients’ protected health information had been put up for sale on the dark web, DataBreaches.net began investigating and trying to alert the victim entities so that they could take immediate steps to try to mitigate harm to patients. By that evening, I had sent an email to Athens Orthopedic…