Hacker holds dental office database for ransom

Police do not believe personal identification information was taken

A Palo Alto dentist's database was hacked and an unknown individual held its contents for $3,000 ransom, Palo Alto police said.

The unnamed dental office, which is located in the 900 block of Welch Road, had its files compromised between April 10 and 13. The office did not report the incident to police until June 5, Sgt. James Reifschneider said Tuesday, June 12.

The break-in was discovered after the office computer system noted that data was corrupted by malware or spyware, he said.

"The files that were compromised were X-rays and associated notes. No personal identification information was taken as far as we know," Reifschneider said.

This type of cyber attack is not unusual in the IT world, he added. The hacker typically freezes or corrupts data and generates an automatic message. If the victim wants to regain access they must remit a ransom, he said.

The ransom message included an email address to arrange for payment, but the doctor had no intention of engaging in contact with the perpetrator, Reifschneider said. The dentist's office contacted an IT service provider to try to recover and reconstruct the data. Reifschneider did not know how successful the attempt has been, he said.

People who are taken in and wire money will most probably be sending it out of the country. There would be little chance of catching the crook or recovering the money, police have said of such fraud cases.

Most such attacks originate from outside of the United States, but money really isn't the primary motive, Reifschneider added.

"As is the case with many of these, most do it to be purely malicious and disruptive," he said.

What is community worth to you?
Support local journalism.


Like this comment
Posted by Backup-Your-Data-Frequently
a resident of Another Palo Alto neighborhood
on Jun 14, 2012 at 3:05 pm

> such attacks originate outside the United States.

So .. what was the domain name of the email address? “What is” is a service that lets people see who the owner of a given domain might be. This information includes the domain name owner, and the owner’s contact information. Of course, if this is an anonymous email site, the owner’s name could be fraudulent. People generally have to pay for registering an Internet domain, so there is probably some EFT data that might also link back to the domain’s owner.

> The dentist's office contacted an IT service provider
> to try to recover and reconstruct the data.

It sounds like the Dentist might not have been backing up his data. This becomes a problem for his patients, since it’s their data that has been compromised. People should become more aware of their doctor’s handling of their personal data. The article says that no personal information was taken. This might be hard to know, depending on the kind of server being used by the Dentist. We are long past time that the government needs to start demanding that all personal information be encrypted and that all Internet access be logged.

It could never hurt to demand that doctors provide your medical records on disc, or flash-drive. Most doctors probably would not be happy about complying with such requests, but if they can’t protect your data—then you should be keeping a duplicate copy.

Like this comment
Posted by Anon.
a resident of Crescent Park
on Jun 14, 2012 at 10:21 pm

In the same way that some police go crazy when they get a little power, people seem to not think about the tech people in charge of their data, and the systems they depend on.

As an IT person myself it is hard for me to underestimate the moral integrity of many of the people I see in this industry. I know of very smart experts in computer systems that routinely leave holes, bombs and backdoors in companies they work for, not to mention designing systems that fail and demand expensive maintainence on a regular basis, and the people who hire them seem to have no idea.

This century will be a lot about average people getting up to speed on the systems and languages that we all use. When I think about the TCP/IP protocols being so full of holes and the internet being so easily hacked and manipulated and so hard to find technically and then politically to prosecute I wonder why it is that we do not have a new system that is safer and more private.

I don't think peolpe want a better system because the one we have generates so much money - in security and maintenance, and that seems more important that actually getting anything done in a safe and professional manner.

Like this comment
Posted by Outside Observer
a resident of another community
on Jun 14, 2012 at 11:18 pm

Anon has a good take on this, but let me take it one step further.

Much of the problem is in the monopoly of Mircosoft and the defective consumer products they produce.

The "anti-virus" software industry is a money maker indeed, but it is an illegitimate industry that attempt to protect people from the inherent flaws in Microsoft products. Were this any other industry, the government would break the monopoly, and jail the owners. If you doubt that, just consider what would happen if your car were as safe and reliable as Microsoft products.

If history judges anything about our current computer technology, it will judge that the Microsoft monopoly made the most defective consumer products ever.

Like this comment
Posted by Vikas Bhatia
a resident of another community
on Sep 14, 2012 at 1:34 pm

Information or cyber security starts with an acknowledgement by the business acknowledging that they have sensitive data and then going about a set of processes that go beyond the remit of "IT".

Often non-technical people rely on "IT" to be responsible for their adherence to regulation and industry best practices. This is similar to obtaining car insurance from a mechanic.

With interconnected networks, mobile devices and the "it wont happen to me" mentality these types of attacks are becoming more common, particularly given the lack of controls. A firewall will NOT fix the problem, or stop the regulators from distributing fines in the event of a breach.

A documented security policy, education and technical controls can be used to reduce, not eliminate, cyber risks.

Sorry, but further commenting on this topic has been closed.

All your news. All in one place. Every day.

Gluten-free bakery Misfits Bakehouse is reborn in Palo Alto
By Elena Kadvany | 4 comments | 3,061 views

Premarital and Couples: The "Right" Way to Eat an Artichoke
By Chandrama Anderson | 1 comment | 1,974 views

What did you learn last week?
By Sherry Listgarten | 8 comments | 1,382 views

Some answers, please, PG&E
By Diana Diamond | 12 comments | 1,337 views

The holiday season
By Cheryl Bac | 1 comment | 386 views


Race Results Are In

Thank you for joining us at the 35th annual Moonlight Run & Walk! All proceeds benefit the Palo Alto Weekly Holiday fund, supporting local nonprofits serving children and families.

Click for Race Results