Hacker says he stole confidential medical data on 8 million Virginia residents

Hacker says he stole confidential medical data on 8 million Virginia residents
May 06, 2009 | Molly Merrill, Associate Editor and Chip Means, Web Editor

RICHMOND, VA – A Virginia government Web site was replaced last week with a ransom note from a hacker claiming he stole 8.3 million patients' personal and prescription drug information. The hacker says he wants $10 million for the safe return of the information.

The Virginia Prescription Monitoring Program's site tracks prescription drug abuse and contains 35.5 million prescriptions in addition to enrollees' personal information, such as names, social security numbers and addresses.

According to Wikileaks.org, an online clearinghouse for leaked documents, on April 30 the secure site for the Virginia Prescription Monitoring Program was replaced with the following ransom demand:

"Attention Virginia! I have your [expletive]! In *my* possession, right now, are 8,257,378 patient records and a total of 35,548,087 prescriptions. Also, I made an encrypted backup and deleted the original. Unfortunately for Virginia, their backups seem to have gone missing, too. Uhoh :( For $10 million, I will gladly send along the password." (Click here to see full ransom note).

The hacker, who taunts the FBI and lists his own email address as "hackingforprofit@yahoo.com," claims the database of prescriptions has been bundled into an encrypted, password-protected file.

The Virginia Department of Health Professions Web site has been temporarily disabled and now features a notice saying the site is "experiencing technical difficulties which affect computer and email systems." According to the department's director, Sandra Whitley Ryals, the breach is under federal investigation.

Speculation has risen about whether or not the Virginia Department of Health Professions has back-ups of the patient database.

"It is possible that they do have back-up, but they fear the massive damage if patients data is used for identity theft," says Deborah C. Peel, MD, founder of Patient Privacy Rights.(Full text at www.healthcareitnews.com)

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com