Prosecutors have charged seven people who supposedly hacked into doctors’ accounts and issued counterfeit electronic prescription drugs. Some were narcotic.
-
Seven criminals hacked doctors' accounts on Poland's government medical portal using stolen credentials from data leaks to generate digital certificates and issue fraudulent prescriptions.
-
They issued fake prescriptions for narcotics like Xanax and OxyContin using unsuspecting victims' identification numbers.
-
The group also committed identity fraud and attempted loan fraud.
The suspects were members of an organized criminal group and have been using compromised doctors’ accounts to gain access to the government-run gabinet.gov.pl medical portal, where doctors document their patients’ health conditions and issue prescriptions or medications.
Here is how it went down. The seven had gained access to doctors’ personal information obtained from previous data leaks. With this information, the criminals generated digital certificates that granted them access to the medical portal, where they began issuing prescriptions.
The doctor impersonators started “working” in September 2024 and continued until June 2025. During that time, they issued false prescriptions for “prescription drugs containing narcotic drugs and psychotropic substances.”
“Prescriptions were issued exclusively on a pro familia basis (intended for immediate family members) to individuals with PESEL numbers, who were found to be unaware of this,” the Central Cybercrime Bureau (CBZC) in Poland reported.
The drugs found on the fake prescriptions include such names as Xanax, OxyContin, Oxydolor, and Nasen.
The counterfeit prescriptions were then sold online and used in actual pharmacies across Poland. This scheme resulted in “several hundred packages” of narcotic drugs reaching people who don’t have the right to obtain them, not only in Poland but in other European Union countries as well.
According to prosecutors, the group has also used the stolen doctors’ credentials to open fictitious bank accounts and attempt to obtain loans under false pretences.
The ongoing investigation shows that the seven charged people may also have been involved in other cybercrimes, including being responsible for Business Email Compromise attacks “to the detriment of Polish businesses” and acquiring and selling both bank and cryptocurrency exchange accounts.
All suspects have admitted committing the crime and currently face prison sentences ranging from 3 to 15 years.
Unlock more exclusive Cybernews content on YouTube.
Your email address will not be published. Required fields are markedmarked