RUSSIAN hackers have threatened to release before-and-after pictures of celebrity clients after they stole data from a cosmetic surgery company.
The Hospital Group, which has been endorsed by celebs including Kerry Katona and Joey Essex, confirmed the ransomware attack.
The hacker group, known as REvil, said the “intimate photos of customers” were “not a completely pleasant sight”.
They claim to have got their hands on more than 900 gigabytes of patient photographs.
REvil, which is believed to be based in Russia, previously hacked celebrity law firm Grubman, Shire, Meiselas & Sacks.
The Russian hackers have previously targeted Madonna, Lady Gaga and Donald Trump, by encrypting a company’s server and then threatening to release or auction off their data unless a ransom is paid.
The Hospital Group, also known as the Transform Hospital Group, has told the Information Commissioner about the breach.
It has 11 clinics specialising in bariatric weight loss surgery, breast enlargements, nipple corrections and nose adjustments.
Shameless actress Tina Malone, reality TV star Joey Essex, and Atomic Kitten singer Kerry Katona are previous patients who have endorsed the clinic.
The Hospital Group said in a statement: “We can confirm that our IT systems have been subject to a data security breach.
“None of our patients’ payment card details have been compromised but at this stage, we understand that some of our patients’ personal data may have been accessed.”
The company said all customers have been emailed about the attack.
It is understood that many of the pictures obtained by REvil do not show the faces of the patients.
Cyber security firm Emisoft estimates criminals have pocketed £18billion from ransomware in 2020.
REvil, also known as Sodinokibi, is one of the most prolific ransomware groups.
In a recent interview with a Russian-language tech blog, a purported representative of REvil said that the group’s most successful method of attack was through Remote Desktop Protocol.
This allows hackers to get a hold of remote administration of a desktop over the internet.
Security experts recommend disabling RDP on company computers, and say that the best protection against hackers is quickly and frequently updating software with the latest updates.
The Hospital Group has been contacted for a comment.