2 min read

Hackers Breach Psychiatric Practice in Finland, Hold Patient Data to Ransom

Filip TRUȚĂ

October 22, 2020

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Hackers Breach Psychiatric Practice in Finland, Hold Patient Data to Ransom

Hackers have breached a psychotherapy practice in Finland and are holding patient information to ransom, the victim company said in a notice this week.

Vastaamo has offices in around two dozen cities in Finland, including the capital, Helsinki. The firm has announced it has fallen victim to a hacker attack.

“An unknown hostile party has been in contact with Vastamo and claims to have obtained confidential information from the company’s customers … We are aware that some of our customers have leaked confidential information as a result of the breach. According to current information, customer data recorded after November 2018 has not been compromised,” it says.

Nowhere in the notice does the company mention a ransom, but according to local news outlet newsnowfinland.fi, the attackers indeed made such a request. The amount demanded is unknown.

Vastaamo has notified local authorities of the breach and has started its own internal investigation.

“In addition, Vastamo took immediate steps to clarify the matter in cooperation with external and independent security experts,” according to the announcement.

The firm”s technicians have hardened systems against further tampering “and their use is more effectively monitored by security professionals,” the notice reads.

“We do our best to find out what happened and work with the authorities to prevent the spread of confidential information,” reads a Google-translated version of the notice sent out by the psychiatric practice.

Tuomas Kahri, chairman of the Board of Vastaamo, issued the following (machine translated) statement:

“As a company providing psychotherapy services, the confidentiality of customer information is extremely important to us and the starting point for all our operations. We deeply regret the leak due to the breakthrough. We are constantly developing our data security and data protection and will take additional measures when our own investigations and regulatory investigations are completed. Due to the ongoing police investigation, we have not received a message on the subject before, as for technical reasons the investigation has not been made public,” said Kahri.

It”s not certain whether Vastaamo is dealing with a ransomware attack, but all signs point to one. In the past year, ransomware operators have not only encrypted but also downloaded the victim”s data, threatening to make it public or sell it to fraudsters in a bid to coerce victims into paying. Of course, even if the victim pays a ransom, nothing stops the perps from selling the data on the dark web anyway.

Vastaamo promises to keep customers updated with the latest information and directs members of the media to the company”s chairman for inquiries.

In situations like these, the victim company has a moral obligation to tell customers how to spot fraud attempts or phishing scams that leverage their personal information for credibility. Victim companies should also offer free credit card monitoring to those affected.

If you are a Vastaamo customer, keep a close eye on your bank statements and don”t reply to any unsolicited emails or text messages asking for your login credentials, or any other personal information for that matter.

If you have a password-protected account with Vastaamo and you”ve used that password on other services on the web, set up new passwords for each one of those other services.

Were you a victim of a data breach? Time to find out with Bitdefender”s Digital Identity Protection tool.

tags


Author



Right now

Top posts

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

October 26, 2021

3 min read
What are drive-by download attacks and how do you prevent them?

What are drive-by download attacks and how do you prevent them?

October 25, 2021

2 min read
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

October 22, 2021

2 min read
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

October 20, 2021

3 min read
What Is a VPN, How Does It Protect Me, and What Cool Perks Does it Offer?

What Is a VPN, How Does It Protect Me, and What Cool Perks Does it Offer?

September 23, 2021

2 min read
Ultimate Privacy Guide for Your Facebook Account

Ultimate Privacy Guide for Your Facebook Account

August 31, 2021

6 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Tesla reverses "Full self-driving" beta update after sudden braking reports Tesla reverses "Full self-driving" beta update after sudden braking reports
Graham CLULEY

October 27, 2021

2 min read
Ukrainian Police Arrest Underground Darknet Group Laundering Cryptocurrency for Hackers Ukrainian Police Arrest Underground Darknet Group Laundering Cryptocurrency for Hackers
Silviu STAHIE

October 26, 2021

1 min read
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords
Filip TRUȚĂ

October 26, 2021

3 min read