An attacker tried to extort $10 million after breaking into a Virginia state Web site used to track prescription drug abuse and allegedly holding the data hostage, according to a posting on the Wikileaks Web site.
The ransom message on the Virginia Prescription Monitoring Program site read:
"I have your [expletive]! In *my* possession, right now, are 8,257,378 patient records and a total of 35,548,087 prescriptions. Also, I made an encrypted backup and deleted the original. Unfortunately for Virginia, their backups seem to have gone missing, too. Uhoh :(For $10 million, I will gladly send along the password."
The site, which was broken into late last week, was not accessible late on Monday.
Sandra Whitley Ryals, director of Virginia's Department of Health Professions, told The Washington Post that a criminal investigation is under way by federal and state authorities. An FBI spokesman declined to comment.