CCTV footage from plastic surgeon’s office dispersed onto obscene websites

By Dain Oh, The Readable
Mar. 10, 2023 7:22PM GMT+9

Camera footage that shows medical examinations in a plastic surgeon’s office in Seoul has been exposed online and is being circulated through obscene websites based in China. The South Korean police launched an investigation to trace the initial cause of the breach.

The Seoul Metropolitan Police conducted an on-site investigation at one hospital located in Gangnam on Tuesday regarding a recent security incident that laid bare private scenes of medical examinations for plastic surgery procedures. According to multiple local news outlets, the exposed videos were recorded from February 24 to February 28, documenting dozens of patients receiving medical consultations and procedures.

The hospital specializes in body sculptures for women, such as fat transfer and breast augmentation. Among the victims of the security breach, a celebrity was reportedly included. The total volume of the videos reaches 1.5 gigabytes.

The staff at the hospital reported the breach to the police on Monday after they acknowledged that the internal internet protocol (IP) camera footage was leaked to outsiders. The police started their investigation the next day, while also shutting off the webpages that distributed the illicit videos. The police are cooperating with the Korea Communications Standards Commission and the Ministry of Gender Equality and Family.

The investigators are looking into log records of the surveillance cameras at the hospital, as well as inspecting the medical facility’s security compliance, including changing the default passwords of cameras. It is not confirmed yet if the cameras were hacked by malicious actors.

This incident has reignited some of the most sensitive controversies in the nation. In 2021, the National Assembly of South Korea passed a law that obligates the installation of CCTV cameras in operating rooms. The law was first suggested in 2015 with an aim to monitor unlawful acts by medical staff, such as surrogate surgery and sexual harassment. However, it has faced severe backlash from doctors who argue that the law violates the fundamental rights of medical professionals, not to mention the possibility of data breaches involving their patients. The law is scheduled to go into effect on September 25.

The Korean Medical Association strongly committed to reassessing the law, saying that their privacy concerns have become a reality, through a press release on Tuesday. “The risk of compromising patients’ privacy arises at the moment of videotaping,” wrote the association. “The National Assembly and the government must recognize the gravity of the damage to citizens, which is caused by the videos from operating rooms, and start reviewing the necessity of such obligations from the beginning.”

Furthermore, the security issue surrounding Chinese camara manufacturers has been brought to attention once again. The exposed video footage was recorded through IP cameras made by China’s Hikvision. Hikvision is the largest manufacturer of CCTV cameras in the world, while significant amounts of its share are owned by the Chinese government. According to previous reports by several news media, the Chinese government owns 42% of the company. The United States Federal Communications Commission (FCC) imposed an exclusion order prohibiting Hikvision from exporting electronic products to the U.S. last year, mentioning the national security threats.

The cover image of this article was designed by Areum Hwang.

Dain Oh is a distinguished journalist based in South Korea, recognized for her exceptional contributions to the field. As the founder and editor-in-chief of The Readable, she has demonstrated her expertise in leading media outlets to success. Prior to establishing The Readable, Dain was a journalist for The Electronic Times, a prestigious IT newspaper in Korea. During her tenure, she extensively covered the cybersecurity industry, delivering groundbreaking reports. Her work included exclusive stories, such as the revelation of incident response information sharing by the National Intelligence Service. These accomplishments led to her receiving the Journalist of the Year Award in 2021 by the Korea Institute of Information Security and Cryptology, a well-deserved accolade bestowed upon her through a unanimous decision. Dain has been invited to speak at several global conferences, including the APEC Women in STEM Principles and Actions, which was funded by the U.S. State Department. Additionally, she is an active member of the Asian American Journalists Association, further exhibiting her commitment to journalism.