Hacker demands $10M ransom for data

A hacker who claims to have stolen 8 million records from a database that tracks prescription drug abuse in Virginia is demanding a $10 million ransom for the information's return, according to media reports.

In a Roanoke Times article, Gov. Tim Kaine calls the incident "an intentional criminal act against the commonwealth by somebody who was trying to harm others." The FBI and Virginia State Police are investigating, the newspaper reported.

The breach involves the Virginia Department of Health Professions' (DHP) prescription drug-monitoring database. The department licenses health care providers in the state and tracks the sales of controlled substances.

The breach apparently happened April 30. According to Digital Journal, the hacker posted a note on WikiLeaks.org — a Web site devoted to leaking documents — demanding the ransom and threatening to sell the data on the open market if the state did not pay. Today was the deadline.

"I have your s@*t! In *my* possession, right now, are 8,257,378 patient records and a total of 35,548,087 prescriptions," the WikiLeaks note reads. "Also, I made an encrypted backup and deleted the original. Unfortunately for Virginia, their backups seem to have gone missing, too. Uhoh :("

However, DHP Director Sandra Whitley Ryals said the database has been properly backed up, Digital Journal reported.

Featured

  • Defense

    DOD wants prime contractors to be 'help desk' for new cybersecurity model

    The Defense Department is pushing forward with its unified cybersecurity standard for contractors and wants large companies and industry associations to show startups and smaller firms the way.

  • FCW Perspectives
    tech process (pkproject/Shutterstock.com)

    Understanding the obstacles to automation

    As RPA moves from buzzword to practical applications, agency leaders say it’s forcing broader discussions about business operations

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.