Last month, CarePartners announced that it had suffered a data breach. At the time, however, it gave no details about the incident or about the hackers. This month, the hackers themselves surfaced online, claiming to hold the stolen data. They are also demanding a ransom to resolve the vulnerability that resulted in the CarePartners data breach.
Hackers Demand Ransom To Sort Out CarePartners Data Breach
Not only did the hackers claim to have the data, they also shared a sample of what they stole in the CarePartners data breach. This sample supposedly includes data on more than 80,000 patients.
The sample data included explicit details of the patients, such as their names, birthdays, contact addresses and card numbers. The hackers also shared patients' detailed medical histories, including diagnoses, prognoses, surgeries and medications.
Besides medical records, another document the hackers shared contained credit card details with security codes. These details belonged to around 140 patients.
The hackers claim that CarePartners left the data unencrypted, and that they simply exploited a software vulnerability that existed because the software had not been updated for two years. In exchange for not leaking the data and for telling CarePartners about the vulnerability, the hackers demand a ransom. According to what they said to CBC,
“This data breach affects hundreds of thousands of Canadians and was completely avoidable. None of the data we have was encrypted,” hackers told CBC. “We requested compensation in exchange for telling them how to fix their security issues and for us to not leak data online.”
Apparently, the attackers compare their ransom demand to a bug bounty reward. Nonetheless, it should be kept in mind that they took the data from the company's systems without its consent or knowledge. Their demand is therefore not comparable to the work of cybersecurity researchers and bug bounty programs.
CarePartners Respond To Hackers’ Claims
CarePartners has now released an official statement explaining that the hackers contacted it on June 11, 2018. According to the statement, the company began investigating and informed the public about the breach on June 18, 2018.
The statement reads,
“To date, CarePartners has confirmed that 627 patient files and 886 employee records were affected. Forensics investigations are ongoing. The maximum extent of any breach with respect to patient information is the approximately 237,000 patients for which CarePartners has provided care and collected information.”
CarePartners remains satisfied with its security measures and calls CBC's report an attempt by the hackers to defame the firm.
“We are concerned that the cyber-attackers may be using the CBC to further their own extortion agenda. It is a common strategy of cyber-attackers to contact media in an effort to embarrass and shame their victims.”
The company reiterates its pledge to protect its customers' privacy.
However, the statement does not say whether CarePartners will pay the ransom the hackers demand.