Hackers are threatening to release customer data from a plastic surgery clinic in London known for its roster of high-profile clients.
A group known as The Dark Overlord was able to access sensitive information from London Bridge Plastic Surgery Clinic after breaching its IT systems on 24 October.
According to V3, the hackers have threatened to release the stolen data, which is reported to include intimate photos of clients, unless an undisclosed ransom is paid.
The group has suggested that the data it has stolen includes information on members of the British Royal Family.
London Bridge Plastic Surgery Clinic confirmed that an attack had taken place on Tuesday. A spokesperson said that the clinic “took measures to block the attack” immediately after being made aware of the breach, but was unable to prevent data being stolen.
“We are still working to establish exactly what data has been compromised”, the spokesperson said in a statement. “The group behind the attack are highly sophisticated and well known to international law enforcement agencies having targeted large US medical providers and corporations over the past year.
“We are horrified that they have now targeted our patients. Security and patient confidentiality has always been of the utmost importance to us. We invest in market-leading technology to keep our data secure and our systems are updated daily. We are deeply saddened that our security has been breached.”
Research published by Accenture earlier this year revealed that 13% of respondents in England had been the victim of personal medical data theft, a topic that has seen increased attention since the infamous WannaCry cyberattack on NHS services in May 2017.
Metropolitan Police are now investigating the incident. A spokesperson from the Information Commissioner’s Office told Digital Health News that it too was aware of the cyber attack and was looking into the details.
“All organisations are required under data protection law to keep people’s personal data safe and secure”, they said.