2 min read

Hackers Breach Psychiatric Practice in Finland, Hold Patient Data to Ransom

Filip TRUȚĂ

October 22, 2020

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Hackers Breach Psychiatric Practice in Finland, Hold Patient Data to Ransom

Hackers have breached a psychotherapy practice in Finland and are holding patient information to ransom, the victim company said in a notice this week.

Vastaamo has offices in around two dozen cities in Finland, including the capital, Helsinki. The firm has announced it has fallen victim to a hacker attack.

“An unknown hostile party has been in contact with Vastamo and claims to have obtained confidential information from the company’s customers … We are aware that some of our customers have leaked confidential information as a result of the breach. According to current information, customer data recorded after November 2018 has not been compromised,” it says.

Nowhere in the notice does the company mention a ransom, but according to local news outlet newsnowfinland.fi, the attackers indeed made such a request. The amount demanded is unknown.

Vastaamo has notified local authorities of the breach and has started its own internal investigation.

“In addition, Vastamo took immediate steps to clarify the matter in cooperation with external and independent security experts,” according to the announcement.

The firm”s technicians have hardened systems against further tampering “and their use is more effectively monitored by security professionals,” the notice reads.

“We do our best to find out what happened and work with the authorities to prevent the spread of confidential information,” reads a Google-translated version of the notice sent out by the psychiatric practice.

Tuomas Kahri, chairman of the Board of Vastaamo, issued the following (machine translated) statement:

“As a company providing psychotherapy services, the confidentiality of customer information is extremely important to us and the starting point for all our operations. We deeply regret the leak due to the breakthrough. We are constantly developing our data security and data protection and will take additional measures when our own investigations and regulatory investigations are completed. Due to the ongoing police investigation, we have not received a message on the subject before, as for technical reasons the investigation has not been made public,” said Kahri.

It”s not certain whether Vastaamo is dealing with a ransomware attack, but all signs point to one. In the past year, ransomware operators have not only encrypted but also downloaded the victim”s data, threatening to make it public or sell it to fraudsters in a bid to coerce victims into paying. Of course, even if the victim pays a ransom, nothing stops the perps from selling the data on the dark web anyway.

Vastaamo promises to keep customers updated with the latest information and directs members of the media to the company”s chairman for inquiries.

In situations like these, the victim company has a moral obligation to tell customers how to spot fraud attempts or phishing scams that leverage their personal information for credibility. Victim companies should also offer free credit card monitoring to those affected.

If you are a Vastaamo customer, keep a close eye on your bank statements and don”t reply to any unsolicited emails or text messages asking for your login credentials, or any other personal information for that matter.

If you have a password-protected account with Vastaamo and you”ve used that password on other services on the web, set up new passwords for each one of those other services.

Were you a victim of a data breach? Time to find out with Bitdefender”s Digital Identity Protection tool.

tags


Author



Right now

Top posts

The Holiday Guide to Tech Support: Fixing the Family Computer

The Holiday Guide to Tech Support: Fixing the Family Computer

November 24, 2021

2 min read
Bitdefender Celebrates 20 Years of Cybersecurity Leadership

Bitdefender Celebrates 20 Years of Cybersecurity Leadership

November 04, 2021

3 min read
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

October 26, 2021

3 min read
What are drive-by download attacks and how do you prevent them?

What are drive-by download attacks and how do you prevent them?

October 25, 2021

2 min read
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

October 22, 2021

2 min read
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

October 20, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Common Credentials Criminals Use in IoT Dictionary Attacks Revealed Common Credentials Criminals Use in IoT Dictionary Attacks Revealed
Silviu STAHIE

November 30, 2021

3 min read
Interpol Busts 1,000 Cyber Crooks and Recovers $27M in Massive Fraud Crackdown Interpol Busts 1,000 Cyber Crooks and Recovers $27M in Massive Fraud Crackdown
Filip TRUȚĂ

November 29, 2021

2 min read
Social media firms will be forced to unmask online trolls, says Australia Social media firms will be forced to unmask online trolls, says Australia
Graham CLULEY

November 29, 2021

2 min read