Last week, a hacker breached the systems of the ‘Vastaamo’ Finish psychotherapy clinic, stealing sensitive information on 40,000 patients. The actor demanded 40 BTC ($522,400) in order not to publish the data online, but the clinic’s response to this blackmail wasn’t as quick as the hacker would have wanted. And so the weekend came, and with no money in the pocket, the threat actor decided to begin a low-level extortion process aiming at the victims directly.
According to the latest reports that surfaced from local media outlets, the hacker who calls himself “ransom man” is contacting individual patients and asking them to pay a ransom of $235 or have their psychotherapy records dumped on the internet for everyone to see. This is very disturbing, as many of the recipients of these messages are in an extremely vulnerable condition, and threatening them with a leak of such sensitive information could push them to the edge.
Vastaamo operates psychotherapy clinics in twenty cities across Finland, so this incident affects a large number of patients from various locations. According to what information the company has admitted to storing, the hacker may hold customer IDs, doctor notes (session notes), visitation dates, appointment details, care plans, and statements. Video sessions are not recorded, so the actor shouldn’t have found any clips in the company’s systems.
Related: Pharmaceutical Company “Pfizer” Leaked Private Client Data
The company had to respond to the worsening situation, so they set up a crisis telephone number line available at “044 4141 997.” Additionally, they urge anyone contacted by the blackmailer to report this to the police by filing an electronic criminal report. As the clinic firm said, patients registered before the end of March 2019 may have been compromised by this attack, so if you’ve registered after that date, your data could be safe.
Apart from the above, Vestaamo offers one free therapy session for each client who is among the victims of this situation. This is to be done via phone, and no patient records will be kept on it. The organization has also contracted credit monitoring experts to help the patients mitigate the risk of account thefts, phishing, and scamming, so something will be announced on that part soon.