Hacker demands $10M ransom for data

A hacker who claims to have stolen 8 million records from a database that tracks prescription drug abuse in Virginia is demanding a $10 million ransom for the information's return, according to media reports.

In a Roanoke Times article, Gov. Tim Kaine calls the incident "an intentional criminal act against the commonwealth by somebody who was trying to harm others." The FBI and Virginia State Police are investigating, the newspaper reported.

The breach involves the Virginia Department of Health Professions' (DHP) prescription drug-monitoring database. The department licenses health care providers in the state and tracks the sales of controlled substances.

The breach apparently happened April 30. According to Digital Journal, the hacker posted a note on WikiLeaks.org — a Web site devoted to leaking documents — demanding the ransom and threatening to sell the data on the open market if the state did not pay. Today was the deadline.

"I have your s@*t! In *my* possession, right now, are 8,257,378 patient records and a total of 35,548,087 prescriptions," the WikiLeaks note reads. "Also, I made an encrypted backup and deleted the original. Unfortunately for Virginia, their backups seem to have gone missing, too. Uhoh :("

However, DHP Director Sandra Whitley Ryals said the database has been properly backed up, Digital Journal reported.

Featured

  • FCW Perspectives
    human machine interface

    Your agency isn’t ready for AI

    To truly take advantage, government must retool both its data and its infrastructure.

  • Cybersecurity
    secure network (bluebay/Shutterstock.com)

    Federal CISO floats potential for new supply chain regs

    The federal government's top IT security chief and canvassed industry for feedback on how to shape new rules of the road for federal acquisition and procurement.

  • People
    DHS Secretary Kirstjen Nielsen, shown here at her Nov. 8, 2017, confirmation hearing. DHS Photo by Jetta Disco

    DHS chief Nielsen resigns

    Kirstjen Nielsen, the first Homeland Security secretary with a background in cybersecurity, is being replaced on an acting basis by the Customs and Border Protection chief. Her last day is April 10.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.