News Stay informed about the latest enterprise technology news and product updates.

Express Scripts offers reward in hacker extortion case

Online criminals threatened to expose sensitive member data.

A pharmacy benefits management company is offering a $1 million reward for information leading to the arrest and...

conviction of data thieves who launched an extortion scheme against the firm.
To get security news and tips delivered to your inbox, click here to sign up for our free newsletter.

Express Scripts Inc., based in St. Louis, Mo., announced the reward Tuesday after disclosing the extortion threat Nov. 6. Last week, the company said it received a letter in early October threatening to expose millions of confidential patient records if demands for money were not met. The letter included personal information of 75 members, including names, birthdates, Social Security numbers and some prescription information.

This week, Express Scripts said a small number of its clients have received similar letters in the past few days threatening to expose members' personal data.

"We hope that establishing a reward will bring forward useful information. We will do what we can to help find those responsible as quickly as possible," George Paz, Express Scripts CEO and chairman said in a prepared statement.

Express Scripts notified affected members and the FBI, which is investigating the case. The company said anyone with information about the extortion plot should call the FBI at 800-CALL-FBI.

The company said it uses a variety of security systems to protect customer data. "However, as security experts know, no data system is completely invulnerable," Paz said in last week's statement.

The firm said it was not aware of any actual misuse of members' data, but is offering members free identity restoration services if they become identity theft victims due to the security breach. Express Scripts also contracted with risk-consulting firm Kroll of New York to help its members.

Dig Deeper on Security Awareness Training and Internal Threats-Information

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.