Finnish Therapy Patients Blackmailed After Data Breach

Elias Hubbard
October 28, 2020

Finland's interior minister summoned key Cabinet members into an emergency meeting over the weekend after hundreds - and possibly thousands - of patient records at a private Finnish psychotherapy centre were accessed by a hacker or hackers now demanding ransoms.

It was not immediately clear if the stolen information included diagnoses, notes from therapy sessions or other potentially damaging information.

The hackers leaked 300 patient records on a website accessible through the Tor browser after the company released a public notification about the incident.

Finnish police are working with other agencies to investigate the data breach targeting Vastaamo, which is treating almost 40,000 patients across the country.

"We are grateful for how various actors in society have helped the police". It is particularly great that citizens are urging all not to share this material on social media. "Such sharing of information constitutes a critical element of the offense", he added.

And in a new low, many patients reported receiving emails with a demand for €200 (£181) in bitcoin to prevent the contents of their discussions with therapists being made public. Police also advised people against paying the hackers, saying it would not guarantee their information remained confidential.

Finland's leaders expressed their dissatisfaction with the abuse and said the victims needed immediate support.

"This data breach is shocking in many ways", Finnish Prime Minister Sanna Marin said on Twitter on Saturday. Ministries are looking for ways to help the victims. "There is also a need for actions by municipalities and organizations".

"We all have our inner selves that we want to protect".

Vastaamo said on Sunday it was "extremely sorry" for the breach, as security experts told newspaper Helsingin Sanomat that a 10-gigabyte data file containing private notes between at least 2,000 patients and their therapists had appeared on websites on the so-called dark web.

It was said that the hacking group had initially demanded a €450,000 ransom from Vastaamo in exchange for deleting the records permanently, but then started sending ransom letters to patients after Vastaamo refused to "take responsibility for their own mistakes".

The chief research officer of Finnish data security company F-Secure, Mikko Hypponen, told Finnish public broadcaster YLE that the case was exceptional even on a global level.

Tobio said in a statement posted on his Facebook page Monday evening that he was unaware of the initial data breach in November 2018. Its CEO, Phil Tapio, was sacked after it was discovered that he had concealed a breach from the company's board of directors and the parent company.

"In this situation, there is a need to provide up-to-date information in one place", said Kirsi Karilama, Director-General, Traffic. "We hope this site is useful to them in this hard situation".
