Asheville – Patients of Asheville Eye Associates (AEA) fell victim to a cyber attack that compromised sensitive medical information. News sources investigating the matter have expressed frustration over AEA’s lack of transparency, despite the fact that it is customary for parties involved in ongoing investigations to refrain from commenting.
What is known is that a group called DragonForce Ransomware claimed responsibility for hacking into AEA’s databases without authorization and exfiltrating 540 GB of sensitive data, including encrypted files. In contrast to AEA’s statements, DragonForce’s website allegedly claims they stole much more. According to an individual claiming to represent DragonForce, the “ransomware group” demanded $7 million to prevent the stolen records from being posted on the dark web. They stated that AEA “made contact” with them but did not pay, resulting in the information being published in an encrypted format on an .onion blog, which is difficult for even cybersecurity experts to trace.
DragonForce emerged in 2023 and is described as having ideological roots, with some suggesting a pro-Palestine stance. This would categorize the group as “hacktivists.” However, its business model has shifted to what could be characterized as cutthroat capitalism. With a strong profit motive, the group now offers a range of services to clients, all for a fee. As expected, the group is agile, collecting 20% of ransomware payouts extorted from its clientele. The group targets anything with financial value, but a significant portion of its attacks has been directed at medical practices and law firms…