A Hacker Is Threatening to Leak Patients’ Therapy Notes

Ransomware attacks have surged around the world in recent months, targeting big corporations and critical organizations like hospitals. But digital extortion comes in many forms. And a particularly vicious assault is currently taking place in Finland, where a hacker is threatening to release therapy notes and other data stolen over the last two years from one of the country’s largest psychiatric services clinics.

The health care and mental health services provider Vastaamo says it first began investigating a possible breach at the end of September, when a hacker contacted three of the organization’s employees with extortion demands. Since then, Vastaamo has been working with the private security firm Nixu, Finland’s Central Criminal Police, and other national law enforcement agencies to investigate the situation. It seems that Vastaamo had at least one exposed database of patient information that was breached in November 2018 and likely again in mid-March 2019. It is unclear how many patients were affected, but the National Bureau of Investigation said on Sunday that the number could be in the tens of thousands.

hop over to this web-site
my website
browse around here
Recommended Site
Your Domain Name
Web Site
click this site
hop over to this site
i was reading this
click here to read
read here
i loved this
my blog
click now
you can try these out
informative post
top article
useful site
click this over here now
moved here
resource
about his
navigate to this site
click this
click here for more info
investigate this site
more helpful hints
read
over at this website
find
go to the website
try this site
look at more info
look what i found
Full Report
websites
Extra resources
get more
like it
click here for more
find out here now
this hyperlink
home
site here
discover here
click here for info
try this website
go
look at here
Visit Your URL
see this website
visit this page
Click Here
check this
browse around these guys
redirected here
visit this site right here
review
have a peek at this website
right here
why not try this out
article source
visite site
web link
you could try this out
description
my latest blog post
find out this here
wikipedia reference
find more information
continue reading this
this post
index
official website
go to these guys
learn the facts here now
Related Site
Click This Link
Visit This Link
you can try here

The hacker or hackers running the extortion campaign have been demanding 200 euros’ worth of bitcoin, about $230, from victims within 24 hours of the initial ask, or 500 euros ($590) after that, or else they’ll make their information public. A hacker persona “ransom_man” has set up a site on the anonymous web service Tor that already lists leaked data from at least 300 Vastaamo patients. Finnish media reports also indicate that Vastaamo has received a demand for around $530,000 worth of bitcoin to keep the stolen data out of the public domain.

In a statement updated on Monday, Vastaamo said that a managing director had been removed over the incident. “The authorities and the Response Office will do their utmost to find out what happened, to prevent the dissemination of information and to bring the perpetrators to justice,” the release says, as translated by Google. “We apologize for the shortcomings in data security, the consequences and human cost of which have become extremely heavy.”

Finland’s Central Criminal Police said in a statement that it was investigating the incident as aggravated burglary, aggravated extortion, and dissemination of aggravated invasions of privacy, adding that situation is “exceptional … due to the sensitivity of the material disseminated online,” as translated by Google.

Data extortion attacks can come in many forms. For example, a common type of email scam involves a threatening to leak nude photos or other sexually explicit imagery of a victim if they don’t pay up. These types of messages are often a pure bluff, personalized to contain one of the victim’s old passwords exposed in a historic data breach as a way of attempting to legitimize the demand.

But while the concept may be widely known, the practice is widely viewed as especially immoral. And leaking mental health patient data for extortion appears to be a new low.

“I’ve seen a lot, but I haven’t seen this,” says Mikko Hyppönen, chief research officer at the security firm F-Secure in Finland. “It’s such a sad case, and this attacker has no shame. To get justice to the victims, I’d like nothing more than to get the person behind this arrested. However, I’d also like to see the Vastaamo clinic be held responsible for failing to protect critical patient data.”

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *