Hackers steal thousands of documents from Finnish psychotherapy centre

Hackers access patient records of tens of thousands of people at Finnish psychotherapy centre and demand €200 ransoms from each

  • Vastaamo, private firm running 25 Finnish psychotherapy clinics, hit by hackers
  • Confidential records from tens of thousands of patients thought to be missing  
  • Victims sent emails demanding 200 euros paid in bitcoin to keep records secret
  • 2,000 documents, including records involving children, already leaked online 

Confidential treatment records of tens of thousands of psychotherapy patients at a chain of Finnish clinics have been hacked, investigators say.

Cyber criminals began emailing ransom demands to clients of private healthcare company Vastaamo, which runs 25 clinics across Finland, at the weekend.

Hackers are demanding 200 euros from each client paid in bitcoin in order to keep the records secret, with some 2,000 already leaked on the dark web.

Victims say the hacker or hackers are using the alias ‘ransom-man’ in emails, though it is not clear who is behind the breach.

Vastaamo chairman Tuomas Kahri said an internal inquiry has been launched, and it appears the hack happened in November 2018. 

It is not clear why the hackers have waited so long to come forward with their demands. 

Interior Minister Maria Ohisalo summoned key Cabinet ministers into an emergency meeting on Sunday to discuss the breach, before calling it a ‘shocking act’.  

Finland must be a country where ‘help for mental health issues is available and it can be accessed without fear’, she added in a statement released Monday.

Further emergency discussions have been tabled for the coming week, as police said they had received thousands of complaints.

‘We are investigating an aggravated security breach and aggravated extortion, among other charges,’ Robin Lardot, the director of Finland’s National Bureau of Investigation, told a news conference at the weekend.

Lardot added that they believed the number of patients whose records had been compromised numbered in the tens of thousands. 

The hack, which targeted some of society’s most vulnerable including children, has caused widespread shock in the Nordic country of 5.5 million.

Ministers have been discussing how best to support those whose data has been leaked online. 

‘It is absolutely clear that people are justifiably worried not only about their own security and health but that of their close ones too,’ Ohisalo told reporters.

On Monday, authorities launched a website for victims of the cyberattack, offering advice and telling them not to pay the ransom demand.

‘Do not communicate with the extortionist, the data has most likely already been leaked elsewhere,’ the ‘Data Leak Help’ site said.

Mental health and victim support charities reported being overwhelmed with calls from distressed people fearing that their intimate conversations with their therapists would be publicly released. 

One of the recipients of a blackmail threat, the former MP Kirsi Piha, tweeted a screenshot of the ransom message along with a defiant reply to the hackers.

‘Up yours! Seeking help is never something to be ashamed of,’ Piha wrote.

‘This is a very sad case for the victims, some of which are underage. The attacker has no shame,’ Mikko Hypponen of data security firm F-Secure said on Twitter.

Hypponen, an internationally renowned data security specialist, called the breach ‘highly unusual’ and said he was only aware of one other patient blackmail case.

In that case, a cosmetic surgery clinic in Florida had a smaller amount of data stolen in 2019.

On Monday, Finland’s social care regulator said in a statement it was investigating Vastaamo’s practices, including how well patients were kept informed of the breach.

Meanwhile the head of the state digital services agency DVV, Kimmo Rousku, said that the cyberattack could have been avoided if Vastaamo had used better encryption.

DVV published a checklist on Monday for firms to make sure their digital security is in order.

‘Management needs to wake up,’ Rousku told public broadcaster Yle.

A phone line offering legal advice had also been set up, the country’s consumer authority announced on Monday.
