Slashdot Mirror

← Back to Stories (view on slashdot.org)

$1M Reward Offered To Nab Data Breach Extortionist

Posted by Soulskill on from the i've-seen-this-it's-gary-sinise-send-me-a-check dept.

alphadogg writes with this excerpt from NetworkWorld: "Express Scripts, the pharmacy benefits management company which recently disclosed an extortionist is demanding money by threatening to expose millions of patient records the company holds, Wednesday said it has decided to offer $1 million to nab the perpetrator. 'We're going on the offense with this reward,' an Express Scripts spokesman said. The $1 million will be paid to anyone who provides information leading to the capture and conviction of the extortionist who sent a letter to Express Scripts in early October that contained personal information on 75 people, considered members, who use the company's pharmacy-benefits services. The extortionist claims to have information on millions more Express Scripts members and wants money to not reveal it."

3 of 134 comments (clear)

  1. Opportunity by Anonymous Coward · · Score: 5, Interesting

    All the extortionist need do now is move the data to someone else's machine then shop him in.

  2. Nice way to Change the Discussion by mpapet · · Score: 5, Insightful

    Instead of having an article entitled "Millions of identities stolen" with text like "massive compromise" we have a revenge story.

    That's why corporate officers get paid the big bucks. They screw you and you feel good about it.

    --
    http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html
  3. Re:Million dollar reward by lysergic.acid · · Score: 5, Insightful

    RTFA, they have upped their security since the letter was sent to them. and since no one knows how exactly the records were stolen, i think you're just talking out of your ass claiming it as "complete stupidity on their part."

    at least the company is smart enough to realize that there's no such thing as perfect security (which apparently is more than can be said about you). however, having found themselves in a situation in which their customer records have been stolen, they are taking all precautionary measures the minimize the damage.

    they were honest about the breach and came out publicly about it rather than trying to suppress the information. they contacted the FBI, who have launched an ongoing criminal investigation. the company has also hired data security & computer forensics experts to launch their own independent investigation into the matter. additionally, they have contracted a risk-consulting firm to provide free identity restoration services to affected customers in order to mitigate potential damages. they seem to have done everything in their power to redress the situation. what else were they supposed to do? give in to the extortionists' demands and try to sweep this under the rug?