A hacker affiliated with the Anonymous collective has claimed to have compromised sensitive hospital data belonging to "more than 10 million" Turkish citizens in retaliation for recent ransomware attacks against healthcare facilities in the US.
In a video posted to YouTube on 18 May – since removed – a masked individual wearing the now-traditional Guy Fawkes mask branded by Anonymous members claimed to have breached servers in numerous Turkish hospitals, stolen patient data and even deleted information from targeted databases.
The individual claimed the breach was "revenge" for recent cyberattacks against US hospitals. At the time, these were touted to be the work of Turkish hackers – however this assertion was never backed up with solid proof. According to experts, the dataset contains a significant amount of patient information – including HIV status and abortion histories. Early analysis indicates that "dozens" of hospitals were breached. Meanwhile, the dataset also reportedly includes staff records, contact numbers and login credentials.
Experts have downloaded a copy of the leaked data and are now in the process of independently verifying the information. The Turkish government has confirmed that a series of cyberattacks hit hospitals in the region however it has attempted to play down the scope of the damage. In a statement, the health ministry confirmed a total of 33 hospitals were impacted by a cyberattack and admitted the incident brought operations on computer systems to "a complete halt."
Hospital staff tried to reload backed-up data, but the hacking group allegedly prevented this by pre-emptively blocking restoring, the statement added. Health officials also said that registrations in the affected hospitals on 18 May had to be completed by hand, however maintained that no sensitive information was lost due to a "back-up mechanism."
While it remains unclear if the hackers' claims are fully legitimate, especially in regards to the size of the leak, the breach has been met with a backlash from accounts affiliated with Anonymous and online security commentators. Security writer 'Dissent Doe', who collates news about leaks and hacks on databreaches.net slammed the "morally bankrupt" actions of the person responsible.
"I would encourage anyone who has affiliated with "Anonymous" or ever declared themselves to be 'members' of Anonymous to speak up publicly and denounce this type of dangerous hack and data dump," Doe said. "You cannot and do not make the world a better place by using patients as pawns and treating them like collateral damage for your political goals. You're not making the world a better place when you attempt to delete data that puts people at risk of compromised medical treatment."
As previously reported, Turkish citizens have long been caught in the middle of major hacks and breaches. In one recent case, a database was released online that contained a slew of personal information belonging to nearly 50 million people. This included national ID numbers, parents' first names, genders, date of births, full addresses and home districts of 49,611,709 Turkish citizens. Meanwhile, in another major Anonymous-linked cyberattack, a hacker leaked a massive 17.8GB trove of data from a national police server.
