Cybercriminals selling hacked 9/11 docs set sights on profiting from stolen celebrity nudes

January 4, 2019 GMT

Extortionists making headlines for selling hacked legal documents involving the Sept. 11, 2001, terrorist attacks leveraged that attention Thursday to peddle nude photographs of British television stars Katie Price, Frankie Essex and Chloe Sims.

The hackers escalated efforts to profit off a previously disclosed data breach that compromised a London cosmetic surgery clinic.

An online statement attributed to The Dark Overlord, a cybercrime group known for hacking victims and then holding their data for ransom, said it was starting a “crowd-funding effort” to release naked photos of the celebrities obtained by compromising London Bridge Plastic Surgery, or LBPS, more than a year earlier.


“Not only are we extorting global insurers and litigation firms, we’re also extorting celebrities, all in the public interest,” the statement said. “Everyone loves nudes, right?”

The statement was accompanied by pricing information for the photographs and samples, including documentation detailing a plastic surgery procedure Ms. Price, a model and TV personality, allegedly underwent in July 2017.

The Dark Overlord approached LBPS in October 2017, an individual associated with the group told The Washington Times on Friday. Chris Inglefield, the clinic’s chief surgeon, “rejected our most handsome business proposition,” The Dark Overlord representative said in an email.

LBPS did not immediately return a message inquiring about the group’s alleged offer. The clinic disclosed the breach in October 2017, and a spokesperson said recently that no new breaches have been reported since.

“We continue to liaise with the cyber crime unit of the Metropolitan Police, whose investigation is ongoing, and we also worked closely with the Information Commissioner’s Office,” a spokesperson for the clinic said in a statement earlier this week. “Once again, we are saddened by news of the latest threats and we condemn the actions of the individuals responsible.”

“We are aware of a cyber hacker using the name ‘The Dark Overlord,’ ” said a spokesperson for London’s Metropolitan Police Service, Sky News reported. “No recent activity has been reported. No reports of any data theft have been received.”

Published on Steemit, a social networking service, The Dark Overlord’s statement announcing the start of the crowd-funding campaign came on the heels of the same cybercrime group offering to sell access this week to legal documents stemming from the Sept. 11, 2001, terrorist attacks.


Hiscox Syndicates Ltd., a Bermuda-based insurance provider that has handled litigation related to 9/11, subsequently said that the material was likely stolen during a previously disclosed April 2018 data breach that affected a third-party law firm.

The Dark Overlord emerged in 2016, and the group gained notoriety the following for leaking unaired episodes of the hit Netflix series “Orange Is the New Black,” allegedly after the video-streaming service ignored the extortionist’s ransom demands.

“The group has a history of hacking organisations to obtain sensitive information before demanding money in exchange for not leaking it into the public domain,” the U.K.‘s National Cyber Security Centre said previously. “They leak snippets of data to the media to encourage them to report on their activity. This is aimed at ‘proving’ that a breach has taken place, and increases the pressure on the victim to pay the ransom.”