In the ever-evolving cyber landscape, one of the most recent targets of ransomware gangs are our DNA records. A malicious group known as “Karakurt” is allegedly behind the theft of over 126GB of data, including sensitive DNA patient records from McAlester Regional Health Center in Oklahoma.
Ransomware attacks are becoming increasingly common, but this particular theft highlights a concerning trend: the theft and auctioning off of DNA data. It underlines the fact that virtually everything is up for sale in the digital underworld, even our most personal genetic information.
So, why are DNA records of such high value? DNA records or stolen genetic materials can be exploited in numerous ways. As per a DNA theft report by Nature Reviews Genetics, they can be used for blackmail, fake paternity results, revealing predispositions to diseases and medical conditions, which can affect employment prospects, increase insurance premiums, and even lead to social stigma.
Karakurt, first identified by the US Cybersecurity and Infrastructure Security Agency (CISA) in June 2022, is notorious for its double extortion tactics. They are thought to be an offshoot of the Russian-affiliated group “Conti”. While they don’t seem to target any specific industry, their method of operation involves gaining access via stolen login credentials or pre-compromised systems.
Given the broad range of entities targeted by cyber threats in recent times, from government agencies to large corporations, one thing becomes clear: we must be extremely cautious about the data we share. Ensure that your provider is trustworthy and has strong data protection measures in place.
The occurrence of these incidents stresses the importance of stringent security measures and the need for awareness about the implications of sharing sensitive information. Our Privacy Care Team at Incognito is available 24/7 for advice on data privacy and security. Please don’t hesitate to reach out if you need assistance or have any questions.
Incognito Privacy Care Team