A U.S.-based hacker who used the screen names "Studmaster" and "Lifelock" had recently gained some notoriety for the use of ransomware to target medical clinics and an orthodontist's office—and in some cases, the patients as well.
The U.S. Department of Justice says that criminal hacker is Robert Purbeck, a 41-year-old man from Idaho, who was indicted by a federal grand jury in the Northern District of Georgia for computer fraud and abuse, access device fraud, and wire fraud.
DOJ describes hacking and extortion attempts
Based on comments from Acting U.S. Attorney Kurt Erskine and other information presented in court, a timeline of Purbeck's crimes has been constructed.
Between June 2017 and April 2018, Purbeck allegedly used a criminal marketplace on the Dark Web to purchase user credentials to computer servers belonging to multiple victims in Georgia.
He then used these credentials to access the victims' computers and steal sensitive, personally identifiable information. This information included:
- "Medical records and other documents that contained names, addresses, birth dates, and social security numbers of over 43,000 people from a Griffin, Georgia, medical clinic
- Police reports and other documents containing personal information of over 14,000 people from the City of Newnan
- Personal information of over 7,000 people from a Locust Grove, Georgia, medical practice"
Hacking leads to extortion attempts
After stealing all of this information, Purbeck tried to extract money from his victims.
As an example, the DOJ says he hacked into an orthodontist's computer system and stole medical records of more than 1,800 people.
He then followed this up by allegedly threatening, harassing, and attempting to extort the orthodontist, demanding a ransom payment in Bitcoin. Investigators say he also sent messages to the patients of the clinic.
He threatened to sell the stolen patient information if his demands were not met. And according to DOJ, the extortion attempt got personal: he threatened to disclose the personal information of the orthodontist's child, who was minor.
U.S. Attorney Eskrine described the case like this:
"This alleged cyber-criminal and extortionist targeted the City of Newnan as well as medical clinics in our District, stealing over 60,000 records containing personal information of our citizens. He then allegedly attempted to extort a Florida orthodontist, threatening to sell the social security number of his minor child unless the orthodontist submitted to a payment demand. Now, this defendant must answer for his alleged crimes in the Northern District of Georgia."
For more information on Purbeck and this criminal case, read this from the Department of Justice.