"Dark Overlord"'s health record dumps were calculated, reputation-building spectacles

"The Dark Overlord" is a hacker who's made headline by advertising the availability of millions of health records on darknet sites, sending samples to news-outlets to validate their authenticity; in an interview with Motherboard's Joseph Cox, Dark Overlord reveals that the disclosures are timed to put the pressure on other victims to pay ransoms to guarantee that their stolen data won't leak.

Dark Overlord has published five data-sets so far: "48,000 records from a healthcare organisation in Farmington, Missouri; hundreds of thousands from Atlanta, Georgia, and the Central/Midwest US; 9 million apparent patient insurance details; and, on Tuesday, information on 34,000 supposed New York healthcare patients." According to Dark Overlord, these releases were calculated to build their reputation so that the other health entities that they've compromised will pay without hesitation.

But just listing the data might not be enough to secure a ransom payment, and that's where the media comes in, which is able to quickly, dramatically, and inadvertently squeeze the target organizations tighter.

"I have a reputation with this handle now. Another step accomplished," the Dark Overlord added. "Every time I put a new listing up it gets reported without hesitation now."

Hackers using the media to their own ends is not new. Anonymous has distributed attention-grabbing and ready-to-publish imagery or press releases that were easy for journalists to quickly report on. Impact Team, the hackers behind the Ashley Madison breach, sent a link of the data to at least one well-known security journalist.

But this latest campaign sticks out in its systematic and very deliberate approach. The Dark Overlord knows how to game the media, and reporters are playing along.

How a Hacker Is Gaming the Media to Extort His Victims
[Joseph Cox/Motherboard]