< Back to Searchlight Blog

Finnish psychotherapy centre data breach: hackers blackmail individual patients

Published on 28 Oct 2020 by Louise

Hackers gained access to thousands of confidential records for patients of private Finnish psychotherapy centre Vastaamo, reflecting a broader trend of poor cybersecurity across global healthcare systems.

Finnish psychotherapy centre Vastaamo recently felt the effects of a data breach in which hackers gained access to patient treatment records, which subsequently appeared on dark web sites. When the company itself refused to pay a ransom of €450,000, hackers began threatening individual patients with the release of their private data unless they paid up to €500 in Bitcoin.

Vastaamo, a private company which provides services for over 40,000 people in Finland, noted the theft of patient data had initially occured two years ago in November 2018, with another potential breach in March 2019. In October this year, the hackers responsible demanded €450,000 in Bitcoin from the company to prevent up to 10GB of unencrypted data, containing patients' phone numbers, addresses and private notes detailing their therapy sessions, from being published online. When Vastaamo refused to pay, information belonging to 300 patients was released on the dark web, with intimate personal details being extremely useful for purposes of fraud and identity theft.

Following this, the cybercriminals emailed more than 200 individual patients demanding ransoms of up to €500 in exchange for the safety of their details. Despite being advised by police not to engage with the blackmailers, many were fearful of their treatment records being published for all to see, with some dating back to their adolescent years and a significant amount of Vastaamo's patients still being minors.

The Vastaamo hack reflects a broader trend worldwide of poor cybersecurity in healthcare systems, which is increasingly exploited by criminal groups to gain valuable information and wreak financial and operational havoc on organisations. IBM's Cost of Data Breach report estimates the average US healthcare breach costs over $7 million, the highest of any industry and increasing year on year.

The US alone has experienced a seven-fold increase in healthcare data breaches in the past eight months, with a ransomware attack in September shutting down 250 facilities in the country causing longer emergency-room waits and impeded patient care. Frustratingly, the healthcare industry's generally poor cybersecurity stems from easy-to-resolve issues, such as exposed endpoints in the processes that create paper and film records which make them easy tagets for hacking. Laptops belonging to healthcare executives often lack sufficient measures to secure information in the event of theft. These problems are reminiscent of the 2017 WannaCry ransomware attack on the UK's NHS, facilitated by system-wide use of an outdated version of Windows Operating System which lacked new security patches.

Try our Darknet Intelligence/Forensics tool for free, contact enquiries@slcyber.io


Latest News from Searchlight

28 Oct 2020

Darknet market landscape more volatile - and lucrative - than ever

Recent trends of law enforcement shutdowns and exit scams by popular marketplaces have made the Western darknet market landscape increasingly volatile, with no single platform dominating in terms of volume. This multipolarity, combined with the rise of cryptocurrencies such as Bitcoin, has facilitated the number of markets on the darknet to reach record levels.

Read more...

28 Oct 2020

Darknet interference in the 2020 US presidential election

Many sources are concerned what impact darknet-related activities will have on the 2020 US presidential election. Potential threats range from ransomware attacks against local government databases, far-right schemes to spread misinformation regarding mail-in ballots, phishing emails targeting election officials and large amounts of US voter registration data for sale on the dark web.

Read more...

28 Oct 2020

Finnish psychotherapy centre data breach: hackers blackmail individual patients

Hackers gained access to thousands of confidential records for patients of private Finnish psychotherapy centre Vastaamo, reflecting a broader trend of poor cybersecurity across global healthcare systems.

Read more...

27 Apr 2020

Have COVID-19 Health Organisations been hacked?

Pastebin and Twitter are actively removing files containing thousands of email addresses and passwords, allegedly belonging to various health organisations involved in the fight against COVID-19.

Read more...