Cosmetic surgery files hacked

Details of 500,000 people stolen and used in blackmail attempt

  • Information submitted to Harley Medical Group accessed by hackers
  • Security breach bid to blackmail high end cosmetic surgery firm
  • ‘Russian hackers behind the breach’, it has been reported
Harley Medical Group

One of Britain’s best-known and biggest providers of private cosmetic surgery has been targeted by computer hackers, it was revealed last night.

Confidential personal details of nearly 500,000 people who made an enquiry about surgery via Harley Medical Group’s website were stolen in an apparent bid to blackmail the company.

Patients interested in surgery are asked to fill in an online form ahead of an appointment, with details including phone numbers, email address and date of birth.

That personal information was accessed and stolen in a security breach, the firm admitted in a letter to patients posted online.

The company carries out a range of cosmetic surgery from breast augmentations and reductions to facelifts and tummy tucks. It boasts to potential customers on its website: ‘Our No 1 goal is to look after you.’

But Peter Boddy, chairman of the company that is based in Thames Ditton, Surrey, and has 31 clinics nationwide, was forced to write to clients apologising for the security breach.

He reassured them that ‘clinical and financial information has not been compromised’.

Mr Boddy wrote: ‘We recently became aware that an unknown individual had deliberately bypassed our website security, gaining access to information from initial website enquiries in an attempt to extort money from the company.’

Later, Harley Medical Group posted on Twitter: ‘We’re sorry details of initial enquiries have been accessed illegally and assure clinical and financial information is secure.’

The company said that it had improved its security.

Last night The Sun reported that Russian hackers were responsible.

It claimed the crooks struck last month, using a Russian email address to try to extort money from the firm, and that stars of The Only Way is Essex were among customers whose details were accessed.

No one from Harley Medical Group was last night available to comment.
Source : http://www.dailymail.co.uk

2 million stolen passwords for Facebook, Twitter, Google, Yahoo and others leaked online

Security experts have uncovered a trove of some 2 million stolen passwords to websites including Facebook, Google, Twitter and Yahoo from internet users across the globe.

Researchers with Trustwave’s SpiderLabs said they discovered the credentials while investigating a server in the Netherlands that cybercriminals use to control a massive network of compromised computers known as the “Pony botnet.”

The company said that it has reported its findings to the largest of more than 90,000 websites and internet service providers whose customers’ credentials it had found on the server.

The data includes more than 326,000 Facebook accounts, some 60,000 Google accounts, more than 59,000 Yahoo accounts and nearly 22,000 Twitter accounts, according to SpiderLabs. Victims were from the United States, Germany, Singapore and Thailand, among other countries.

Representatives for Facebook and Twitter said the companies have reset the passwords of affected users. A Google spokeswoman declined comment. Yahoo representatives could not be reached.

SpiderLabs said it has contacted authorities in the Netherlands and asked them to take down the Pony botnet server.

An analysis posted on the SpiderLabs blog showed that the most-common password in the set was “123456,” which was used in nearly 16,000 accounts. Other commonly used credentials included “password,” “admin,” “123” and “1.”

Graham Cluley, an independent security expert, said it is extremely common for people to use such simple passwords and also re-use them on multiple accounts, even though they are extremely easy to crack.

“People are using very dumb passwords. They are totally useless,” he said.

Anonymous Going Mainstream Following Website Funding

An Anonymous-linked Twitter account has received £36,000 in funding to set up a website, in what could be the first step of the online hacktivist movement going mainstream.

A Twitter account linked to the famous hacker collective Anonymous has received funds worth more than 55,000 dollars, or 36,000 GBP, as part of a scheme to finance the setting up of a website for the collective. It may seem odd that such a well-known hacktivist organization as Anonymous does not have its own official website, but the reason seems rooted in the organizational philosophy of the group itself.

This is because Anonymous has always claimed to be completely democratic, with no member of the group getting special rights and all being equal. Moreover, its members have reiterated time and again that they do not have a fixed hierarchical structure at all and that anyone can be a part of Anonymous as long as they want to be a voice against injustice and oppression.

They do, however, use other channels on the internet to spread their word, such as Pastebin and YouTube; of all these, the most prominent is the Twitter handle @YourAnonNews, which carries updates on their latest operations and activities. The Twitter account, which is believed to be operated by a prominent member of the collective, is now being used to raise funds for the development of a site devoted to the group’s activities. The account, which was established in 2011, now has more than 1 million followers and has become a symbol of Anonymous, even though the group has never claimed it to be their official channel after it started gaining much attention worldwide. However, now the group is making use of its popularity and internet power to generate funds.

The motive of this funding campaign is to provide the Twitter handle @YourAnonNews with a website. The operators of the Twitter account have stated that the site will allow them “to collect breaking reports and blog postings from the best independent reporters online.

“We’ll provide feeds for citizen journalists who livestream events as they are taking place, instead of the 10-second sound bites provided by the corporate media.”

Although the people behind the Twitter handle have claimed that they are not related to the hacktivist organization in any manner, most people will take them to be Anonymous itself, given the similarity in their style to the group.

The funds were raised through crowdfunding on the Indiegogo website. Though the initial target was set at a very modest $2,000, with $3,600 in server set-up fees, the final collection turned out to be much higher than YAN had hoped for, with more than $55,000 already collected.

This truly shows the support of netizens for a movement like Anonymous and the way they are willing to help them in keeping their hacktivism going strong. However, there has been only a very sketchy description of how the monies are going to be used, so there is some uncertainty on the authenticity aspect. But it seems that netizens are all for Anonymous and their social activism.

Anonymous group launches citizen journalism website

Anonymous, the controversial hacking collective, has a new venture – a website for crowdsourced news.

Notorious Internet hacking collective Anonymous has launched a citizen journalism site that aims to collect breaking reports and blogs.

Hacking collective Anonymous launches 'citizen journalism site'

The site, Your Anon News, will include feeds for livestream events “as they are taking place instead of the 10-second sound bites provided by the corporate media”.

The group has raised 54,798 dollars to get the site up and running, the BBC reports.

According to the report, the aim of the site is to bring together and expand its Your Anon News (YAN) service that currently runs on Twitter, Facebook and Tumblr.

The money, collected on fundraising site Indiegogo in the account name “Jackal Anon”, will be used for development and hosting fees.

Over 1,000 people contributed to the fund and were rewarded with Anonymous memorabilia including mugs, t-shirts and hoodies, the report said. (ANI)

Anonymous takes control of North Korea’s Twitter and Flickr accounts

‘Threatening world peace while his people starve’: Hackers take control of North Korea’s official Twitter and Flickr accounts and brand Kim Jong Un a pig

In their latest conquest, the elusive hacking collective Anonymous has taken on thousands of Twitter and Flickr accounts in the agitated state of North Korea, after tensions escalated when the North Korean state threatened the U.S. and began getting ready to go to war with South Korea. Anonymous, which launched its Operation Free Korea on Thursday, took jabs at many state-run websites and launched a widespread spree of attacks on the North Korean state.

Anonymous demands that Supreme Leader Kim Jong-un resign, that he give up his ambitions of developing a nuclear state, and that free democracy be set up in the country. The first in their spate of attacks was the hacking of more than 15,000 user accounts on Uriminzokkiri, a website operated by the North Korean state. Uriminzokkiri, which was set up as an initiative to reach out to citizens and has thousands of users, is a site which provides the latest info and news to people. The hackers claimed to have brought down the Twitter and Flickr accounts associated with the site as part of their widespread hacking effort. Moreover, many government-run sites have been attacked and defaced, including the book store Ryomyong and AINDF, which is a political regime based in North Korea.

The defaced Flickr sites show a distinctively Anonymous-style image which parodies the Supreme Leader Kim Jong-un as a pig with the ears of Mickey Mouse and declares him wanted, with a million dollar bounty, for violating the human rights of thousands of people and for “Threatening world peace with ICBMs and Nuclear weapons/Wasting money while his people starve to death.” While the images on the Flickr account have been removed as of now, the Twitter account is yet to be recovered to complete functionality at present.

Moreover, the hackers also asserted that they had inside support from North Korean members who helped them, and that this is how they have reached so deep. They claimed to have hacked even the intranet system of the country, a claim which is being considered dubious at present.

“We have a few guys on the ground who managed to bring the real Internet into the country using a chain of long distance WiFi repeaters with proprietary frequencies, so they’re not jammed (yet),” “We also have access to some N.K. phone landlines which are connected to Kwangmyong through dial-ups. Last missing peace [sic] of puzzle was to interconnect the two networks, which those guys finally managed to do.”

In another statement, the group said:

“Citizens of North Korea, South Korea, USA, and the world, don’t allow your governments to separate you,” “We are all one. We are the people. Our enemies are the dictators and regimes, our goals are freedom and peace and democracy. United as one, divided by zero, we can never be defeated!”

The group has once again managed to shock one and all and they have promised to return with more action come this 19th April, when the next stage of their project to bring down the North Korean government will begin.

Microsoft follows Apple, Facebook into hacker hit list

Microsoft joined Facebook and Apple on Friday on the list of US technology titans targeted in recent cyberattacks.

Microsoft is the latest entrant in the growing list of companies that have become victims of the widespread hacking campaign that has affected many top US technology organizations like Apple and Facebook. The giant finally admitted that it had been subjected to an intrusion similar to those seen in the hacks which affected Facebook and Apple.

Acting as spokesperson, Matt Thomlinson mentioned in a blog post today that a small number of machines, including some in the company’s Mac business unit, had suffered security intrusions, and that the attacks had been carried out similarly to the Facebook and Apple hacks. The hacking attacks have taken a toll on more than 40 companies in the U.S., and many people are accusing the Chinese state of sponsoring these attacks as part of its cyber espionage activities.

The first reports about these attacks started appearing early in February, when Twitter announced that it had suffered an attack in which the user info of more than 250,000 users had been compromised. Last week, Facebook announced that it had been hit by a sophisticated hacking attack. Finally, Apple stated that it had suffered possibly its largest intrusion by a group of hackers but did not let the attackers get away with any data whatsoever. Apple is working together with the authorities to nab the persons responsible. All the attacks were performed in the same fashion, by employing malware of the kind commonly used to commit cyber crimes. The malware infected devices used by workers at these companies after they visited a web forum for software developers, a type of attack known as a watering hole intrusion. The malicious software exploited a vulnerability in the Java plug-in which these machines use.

Matt Thomlinson did not elaborate further on the nature of the intrusion but did clarify that no data was stolen from Microsoft: “During our investigation, we found a small number of computers, including some in our Mac business unit, that were infected by malicious software using techniques similar to those documented by other organizations.” He said that investigations were being carried out by Microsoft and that the company did not announce the attack earlier as it was following security protocol and investigating further to confirm the incident.

This slew of attacks has surely become a cause of concern for all organizations in the technology sphere, but Thomlinson said that such attacks came as no surprise. “This type of cyberattack is no surprise to Microsoft and other companies that must grapple with determined and persistent adversaries,” he said. It seems that everyone, be it an individual user or an organization, will have to be cautious and wary of suspicious software to stay clear of such attacks.