Plastic surgery practices and their patients are being targeted by cybercriminals, according to a warning issued by the FBI. These criminals aim to exploit sensitive health information and medical photos for extortion purposes. By obtaining this data, they demand ransom payments from practices and patients to prevent public disclosure or sharing with acquaintances.
Increase in Hacking Incidents
In recent months, numerous plastic surgery practices have reported hacking incidents involving stolen patient information. One such case is Beverly Hills Plastic Surgery, which has not yet responded to requests for comment. Additionally, Dr. Gary Motykie’s California-based practice notified regulators in Maine about a hacking incident that potentially affected nearly 3,500 patients. These incidents highlight the urgent need for enhanced cybersecurity measures within the industry.
Dark Web Upload of Stolen Data
Patient information and photos reportedly stolen from Dr. Motykie’s practices were discovered on a dark web site operated from Russia, as reported by DataBreaches.net in July. This incident underscores the global reach and complexity of cybercriminal networks targeting plastic surgery practices and the potential damage caused by data breaches.
Limited Reports to Professional Association
The American Society of Plastic Surgeons (ASPS) has received minimal reports regarding these cyber threats, indicating a lack of awareness among industry professionals. Dr. Steven Williams, President-elect of the ASPS, confirmed this limited knowledge, stressing the need for greater vigilance and proactive cybersecurity measures.
Appeal of Plastic Surgeons to Cyber Threats
The motivation behind targeting plastic surgeons and their patients remains unclear. However, it is evident that these threat actors find them particularly attractive targets. Further investigation is needed to understand the reasons behind this heightened interest and to take appropriate preventive measures.
FBI Recommendations for Prevention
To combat these cyber threats, the FBI has advised medical practices and patients to review and strengthen their social media account settings. This includes limiting posts by others on profiles and using unique and complex passwords to secure accounts. Implementing additional security measures is also recommended to enhance overall protection against potential breaches.
Role of ASPS in Mitigating Cyber Risk
Recognizing the urgency of addressing cyber risks, the ASPS offers resources to help plastic surgeons effectively mitigate these threats. The association organizes educational meetings and webinars to keep its members informed about the latest cybersecurity practices. By promoting awareness and providing guidance, the ASPS aims to strengthen the industry’s resilience against cyberattacks.
Plastic surgery practices and patients must remain vigilant in the face of escalating cyber threats. The FBI’s warning emphasizes the urgent need for collaboration between industry professionals, law enforcement agencies, and cybersecurity experts. By staying informed, adopting robust security measures, and actively engaging with organizations like the ASPS, plastic surgery practices and patients can enhance their protection against cybercriminals. Through collective efforts, the industry can safeguard sensitive health information and medical photos from falling into the wrong hands, ensuring the trust and privacy of patients remains uncompromised.