The Dark Overlord, a group of online extortionists that hacked into computers owned by the London Bridge Plastic Surgery clinic in 2017 and stole pictures of cosmetic surgeries conducted on celebrities, is again threatening to sell sensitive pictures of celebrities to the highest bidder in exchange for ransom.
In October 2017, the London Bridge Plastic Surgery announced that its systems had been hacked by The Dark Overlord and that it was ‘horrified’ by the fact that its patients were targeted.
“We can confirm that the Clinic has been the victim of a cyber attack. We took measures to block the attack immediately in order to protect patient information and we informed the Metropolitan Police who launched an investigation,” it said.
“Regrettably, following investigations by our IT experts and the police, we believe that our security was breached and that data has been stolen. We are still working to establish exactly what data has been compromised.
“The group behind the attack are highly sophisticated and well known to international law enforcement agencies having targeted large US medical providers and corporations over the past year. We are horrified that they have now targeted our patients,” the clinic added.
Dark Overlord threatens to release more pictures
Recently, the hacker group contacted certain media outlets and shared several images that it stole from London Bridge Plastic Surgery clinic in 2017. Members of the group told Sky News that they are extorting the clinic because it refused to cooperate with them and did not pay ransom when its systems were first hacked.
The group recently published contact details and censored photos of several female celebrities and is threatening to publish more such details and sell them to the highest bidder.
“All patients were informed of the breach at the time of the attack and were offered support and guidance. We continue to liaise with the cyber crime unit of the Metropolitan Police, whose investigation is ongoing, and we also worked closely with the Information Commissioner’s Office.
“We have taken further extensive and robust measures to increase our security in order to protect patient data. Once again, we are saddened by news of the latest threats and we condemn the actions of the individuals responsible,” said a spokesperson from the London-based clinic to Information Security Media Group after news about the fresh threats surfaced.
In 2017, The National Cyber Security Centre warned about the presence of cyber extortion gangs such as The Dark Overlord, stating that the group “has a history of hacking organizations to obtain sensitive information before demanding money in exchange for not leaking it into the public domain.”
“They leak snippets of data to the media to encourage them to report on their activity. This is aimed at ‘proving’ that a breach has taken place and increases the pressure on the victim to pay the ransom,” it added.
Dark Overlord didn’t honour its promise after receiving a ransom
In 2017, The Dark Overlord also leaked ten episodes of the popular series ‘Orange Is the New Black’ after Netflix refused to play along with its ransom demand. The group infiltrated computer systems owned by Larson Studios, a post-production movie studio in Hollywood, and demanded 50 Bitcoins (then £38,890) in ransom from the studio in exchange for not leaking the episodes on the Internet.
Despite hiring private digital security experts and involving the FBI, the studio had to ultimately pay the said amount to The Dark Overlord, hoping that the data breach would remain confidential. But to their horror, the hacker group refused to return their footage and claimed that the studio had breached the agreement by contacting the FBI.
Dark Overlord then went on to contact other movie studios that worked with Larson Studios in order to earn more money by using the hacked footage as leverage. Ultimately, then ran into Netflix who refused to budge, giving the hackers an opportunity to leak ten episodes of “Orange Is the New Black”.