Earlier this week, the Washington Post reported (via Wikileaks) that hackers had compromised a Virginia state prescription web site, deleted the eight million records and replaced the home page with a ransom note.
The ransom demand, $10 million.
Apparently, this isn’t the first case of datanapping, which doesn’t surprise me. I am surprised that I don’t remember seeing cases like this in the past.
I guess they are kept quiet up for good reason.
On the other hand, it’s pretty frequent to hear about laptops with sensitive data going missing or being stolen, but I’ve always wondered where the data go. I figure in most cases, laptop thefts are smash-and-grab crimes that are meant to turn a quick buck. The perpetrator doesn’t bother to scan for useful data.
After all, if you were given someone else’s laptop right now and told to find something useful, how long would it take you to give up in frustration. Think about your own machine. You’d have to sift through a mind-numbing amount of useless crud before finding anything remotely useful.
Please tell me you don’t have a password.doc file on your desktop.
Still, when personal information goes missing like that, don’t you wonder how easy or hard it would be to find it. Even if you knew what the prize was, it might not be easy to find.
Datanapping is quite the opposite.
These criminals knew what they wanted to get and how they planned to profit, which requires a lot of planning, and either a tipster/insider or a scanner to find a vulnerability they could exploit.
Although I doubt the investigation will get much coverage, I’m curious to follow it, especially if they catch the bad guys. Precedents in technical cases are being set nearly every month it seems, and I wonder how sentencing would go in a case like this one.
Anyway, no real point here, just an interesting tidbit.
Find the comments to add your two cents, or more.