On April 30th, an unidentified individual, or group, hacked into the Virginia Prescription Monitoring Program's Web site, WikiLeaks first reported Sunday. A full week after the hack occurred, the perpetrator is still holding hostage the private data of over 8 million Virginia patients.
Hacker Wants $10M Ransom for Stolen Virginia Private Patient Data (http://www.switched.com/2009/05/07/hacker-wants-10m-ransom-for-stolen-virginia-private-patient-dat/)

I went to the link. Quite good and interesting to read.

Though, that is totally absurd, man.
How absolutely pathetic!!!

A ransom of all things while holding medical info from people hostage for money.

Frak, man. I hope they hang the guy from his n***s from a pole.

I also went to go and check out wikileaks.
Here's what wikileaks has to quote from the guy who holds people's medical info hostage.


Your link and Wikileaks have the same quote, splicer. :smile:

check it out:


"I have your shit! In *my* possession, right now, are 8,257,378 patient records and a total of 35,548,087 prescriptions. Also, I made an encrypted backup and deleted the original. Unfortunately for Virginia, their backups seem to have gone missing, too. Uhoh :(For $10 million, I will gladly send along the password."

Isn't that just absurd?!!

Probably some moron with too much time on his hands.


Here's the wikileaks link for those who also want to see what's there:



Over 8M Virginian patient records held to ransom, 30 Apr 2009 - Wikileaks (http://wikileaks.org/wiki/Over_8M_Virginian_patient_records_held_to_ransom,_ 30_Apr_2009)


Splice, I'm not trying to hijack your thread.
ONly providing comment and addendum info, if you don't mind.
IF you do, let me know and I'll delete my post with the adjunct link and info. :smile:


Now I'm beginning to wonder if he did this to challenge that jurisdiction's strength in holding their patient's data.

Most, if at least some hackers, hack to challenge as well as want to inform what-ever agency to make their encryption stronger and also better, Though from what I understand, some organizations take it too personnally and just decide to prosecute the hackers.

Though in this case, and taking into consideration the crackers statement from the quote above, I tend to think that prosecution would be warranted, yes??

Nah, I don't mind as long as it's related.
Although I agree that it was a pathetic move, it really does show that some institutions don't have the first clue how to protect their data, thinking that people will be put off by laws such as the UK's Data Protection Act, so there is no need to spend that 1 extra minute to think of a much more secure password.