
Hackers breach plastic surgery clinic - LinuxBender
http://www.bbc.com/news/technology-41735104
======
c3534l
> The Dark Overlord has claimed to be behind high-profile data breaches
> before, including one at US media firm Netflix earlier this year.

That was not a sentence I was expecting to read today.

~~~
campuscodi
It's true. They're quite prolific. They hacked a bunch of medical clinics, and
even HBO.

------
elorant
Why on earth would you keep naked pics of your clients on a computer connected
to the Internet?

~~~
binarymax
Not sure why you are being downvoted. But I don't expect clinics in a country
without something like HIPAA in place to be overly cautious about such things.

~~~
phil21
In the country with HIPPA I would absolutely bet quite a lot of money that
this is the norm as well.

I've now debugged (as a well known patient) two computer systems for local
clinics - and they were completely and entirely owned from the ground up. They
saw this as completely normal/routine (as in - "oh man, call the IT guy -
we've been infected again!"), and I watched as they would minimize whatever
medical records app they used with my info in it to pull up the toolbar-laden
IE to run my credit card via an on-line processor.

Luckily in those cases it was typical malware/botnet infestation. All it takes
is the wrong person/group to come across that secretary's workstation that is
almost assuredly connected to the same network the random medical equipment
and storage is as well.

Security/IT in general in healthcare is a complete unmitigated disaster.
Everyone focuses on hospitals (for good reason) - but those are typically
_far_ better ran than your local plastic surgery/lasik/clinic practice.

------
TazeTSchnitzel
> terabytes

If it's about the clinic, that doesn't ring true to me. Why would photos of
the clinic's customers total to that much data? Do they have hours of 4K video
on them or something?

~~~
derefr
3D pictures, like from MRIs, are big. You take a lot of them per patient. And
it would be quite bad to use lossy compression on them.

From
[http://siim.org/?page=archiving_chapter2](http://siim.org/?page=archiving_chapter2)
:

> One example of the data generated for breast MRI can reveal the large number
> of sequences and significant amounts of data that are generated for what
> might be perceived as a “small” study. [...] A significant number of
> sequences and images result in an average of ~300 MB of data storage per
> study.

~~~
TazeTSchnitzel
Ah, that makes sense. I hadn't thought of that type of data.

------
Cuuugi
Sounds to me like a few hackers will be "chased by the paps".

