Slashdot Mirror


$1M Reward Offered To Nab Data Breach Extortionist

alphadogg writes with this excerpt from NetworkWorld: "Express Scripts, the pharmacy benefits management company which recently disclosed an extortionist is demanding money by threatening to expose millions of patient records the company holds, Wednesday said it has decided to offer $1 million to nab the perpetrator. 'We're going on the offense with this reward,' an Express Scripts spokesman said. The $1 million will be paid to anyone who provides information leading to the capture and conviction of the extortionist who sent a letter to Express Scripts in early October that contained personal information on 75 people, considered members, who use the company's pharmacy-benefits services. The extortionist claims to have information on millions more Express Scripts members and wants money to not reveal it."

3 of 134 comments

  1. Opportunity by Anonymous Coward · Score: 5, Interesting

    All the extortionist need do now is move the data to someone else's machine then shop him in.

  2. Re:how would the extortionists collect the payment by Anonymous Coward · Score: 1, Interesting

    Simply put, the money goes into accounts either in the Grand Caymans, which will not allow any tracking, or bounces through 100 accounts before it hits a bank in a former communist country. In either case the banks and/or the country will not cooperate with the rest of the world.

  3. Evil Pharmacy benefits mgmt companies by freelunch · Score: 4, Interesting

    Many 'pharmacy benefit management' companies profit by selling information about your drug purchases - and probable ailments - to the highest bidder. This is a gray area of the law. You are typically NOT able to opt out of this selling of your information. HIPAA doesn't cover this, just like it doesn't cover off-shore companies who sell your data. It is a rapidly growing market.

    Insurance companies like Humana even make a point of mentioning that they will disclose your health data to third parties who may not be subject to privacy regulations.

    So I have to ask, who is more evil here?