Data leak: Cybercriminals steal health data in Finland and expose it
The Vastaamo psychotherapy center was hit by a computer attack that resulted in the immediate misappropriation of several apartment data to a hundred patients during the past week.
To put pressure on the psychotherapy center to pay a ransom of more than 450,000 euros, cyber criminals began to publish certain data online. To stop these acts, they then demanded payment of the said ransom.
This article will also interest you: The issue of privacy and personal data
The information that was published consisted of data on the content of the therapy sessions experienced by patients at the health centre. This also includes data from minors. But since Friday, the publications have ceased. Some assume that the centre eventually gave in to blackmail.
The facts were reported by the online platform Foreigner.fi. "The hackers managed to gain access to the database of thousands of Vastaamo customers and began publishing personal data on patients after detecting vulnerabilities in their systems," she said. She added: "But the scandal caused by the extortion of a group of hackers from the private company that provides psychotherapy services to the public health system ended on Friday to the amazement of the Finns. ».
For all intents and purposes, Vastaamo, the target of cyberattacks, and a private center dedicated to psychotherapy. It generally operates as subcontractors in Finland's public health system. It essentially provides psychiatric treatment to people with depression or certain mental disorders. It is affiliated with the population largely thanks to the social insurance company KELA. In a sense, the girl who still has a good reputation in terms of the digital revolution in Europe, unfortunately cannot escape her problems related to cybersecurity. And data from patients with psychiatric disorders have been exposed by this lack.
To encourage the head of the center to pay the 450,000 euros in non-ransom bitcoin, cyber criminals began to publish information 100 patients a day, on the encrypted computer network Tor. As the company continues to resist, cybercriminals have accelerated the pace with data of 200 patients per day.
The newspaper reports that the extortionists demanded about 450,000 euros (in bitcoins) in exchange for the non-publication of clinical and mental health data of thousands of people. To get Vastaamo officials to react quickly, cybercriminals began publishing the data of 100 people every day, starting last Wednesday, on the encrypted tor computer network. The information disclosed consists mainly of patients' names, personal identification numbers, telephone numbers, physical and email addresses, and the content of therapy sessions.
"An unknown hostile entity contacted Vastaamo and claimed to have obtained confidential information from the company's customers. The Central Criminal Police has launched a criminal investigation into the case. Immediate notifications were also made to the Finnish Cyber Security Centre, Valvira and the Data Protection Commissioner. In addition, Vastamo has taken immediate steps to clarify the case in cooperation with external and independent security experts," Vastaamo said in a press release, according to the Foreigner.fi platform.
The online platform line read that while cybercriminals have stopped disclosing information stolen from the psychiatric health centre, no one really knows why cybercriminals did so. However, there is no guarantee that they will no longer hold this information or if they no longer intend to use it. Indeed, certain information such as email addresses, names and surnames can be used in targeted cyber attacks, thus endangering patients a second time. It will then be necessary to check most often on the dark web if this data has not been resold and exposed there.
Now access an unlimited number of passwords: