> the hacker left behind a calling card by changing the system identification name to "Jester."

> The attack on the branch of an unidentified major pharmacy chain occurred on four separate occasions from January through March of last year. The hacker acquired the names, contact information, and prescriptions for the pharmacy's customers

I think the story you heard was a watered down version of what they were doing. You can’t do things like exfiltrate data from a pharmacy database and not know what the system you’re attacking is for.