FBI Warns Cybercriminals Are Targeting Plastic Surgeons, Patients

The scammers are stealing personal info and sensitive medical records, including photos, to extort individuals.

By Rethinking65

The FBI issued an alert in mid October warning the public that cybercriminals are targeting plastic surgery offices to harvest patients’ personally identifiable information and sensitive medical records, including photos. The criminals then enhance this data and extort individuals for cryptocurrency.

According to the FBI, the scammers use technology to disguise their phone numbers and email addresses and then deploy malware to plastic surgery offices. After hacking into a system, the cyberthieves harvest electronically protected health information (ePHI).

During the second phase of their scam, cybercriminals enhance the data they’ve harvested for extortions by using public information they find online as well as social engineering techniques (efforts designed to trick people into divulging confidential information).

During Phase 3 — the extortion phase — cybercriminals contact the plastic surgeons and their patients through social media accounts, emails, text messages and messaging apps, and ask for payment to prevent sharing their electronically protected health information. To step up the pressure, cybercriminals have shared sensitive information with victims’ friends, family and colleagues. They’ve also created public-facing websites using the data. The criminals tell victims they’ll remove and stop sharing their information only if they make the extortion payments.

Naked photos circulated

An article published this summer in the HIPAA Journal discussed breaches impacting several plastic surgery offices in California and Pennsylvania. One of the plastic surgeons was allegedly issued a ransom demand of $2.5 million. When payment was not received, the cybercriminals started publishing naked images of the surgeon’s patients with personal info. At least one patient filed a lawsuit against her surgeon.

Safety tips

The recent FBI alert included these suggestions for individuals:

  • Review profile settings in your social media accounts to strengthen privacy. Preferably, make your account private and limit what can be posted by others on your profile. Audit friend lists to ensure they consist of and are visible to people you know. Only accept friend requests and follows from people you know. Enable two-factor authentication to login.
  • Secure accounts (e-mail, social media, financial, bill pay) by creating unique and complex passwords for login; consider using a password manager to help you remember them.
  • Monitor bank accounts and credit reports for any suspicious activity; consider placing a fraud alert or security freeze on your credit reports to prevent unauthorized access.

Reporting fraud

The FBI requests that victims report fraudulent or suspicious activities to its Internet Crime Complaint Center (IC3) and to include as much information as possible including:

  • The name of the person who contacted you.
  • Method of communication used, to include websites, emails, and telephone numbers.
  • The wallet address(es) or bank account number(s) for extortion payments and recipient name(s), if provided.

For more information about reporting scams, the FBI encourages people to visit this link on the FBI IC3 website: IC3 | FBI Guidance for Cryptocurrency Scam Victim.


Latest news

Black Swan Fears Drive Caution, Plus 60/40 Three-Decade Performance

VIX sees record trading as looming economic and geopolitical risks keep investors cautious about a potential return of volatility.

Carson Group: Still Too Few Women in Wealth Management

Its latest report confirms the industry has made little progress in gender diversity despite a lot of talk.

Supreme Court Seems Wary of SEC’s In-House Tribunals Without Juries

The Supreme Court discussed a case involving a hedge fund manager in which the SEC brought a civil enforcement proceeding that charged he mislead investors.

Annuity Sales Continue March Upward

Annuity sales are set to have another record-breaking year, based on results in the third quarter.

Humana, Cigna in Talks to Merge

A deal would give Cigna a much greater foothold in the fast-growing market for managing federal Medicare plans for older Americans.

Aretha Franklin’s Sons Awarded Late Singer’s Real Estate

They now own the late singer's real estate after a judge ruled that a handwritten will found hidden in her sofa was the correct document.