A horrendous failure

Imagine finally summoning up the courage to start therapy, to disclose your scariest thoughts and feelings, and then this happens.

They told their therapists everything. Hackers leaked it all (WIRED)
“If we receive €200 worth of Bitcoin within 24 hours, your information will be permanently deleted from our servers,” the email said in Finnish. If Jere missed the first deadline, he’d have another 48 hours to fork over €500, or about $600. After that, “your information will be published for all to see.”

It’s a story that WIRED’s UK version had covered in a very similar way back in December.

A dying man, a therapist and the ransom raid that shook the world (WIRED UK)
After a handful of sessions, Puro’s therapist moved on to find new work, supposedly saying he couldn’t do anything more to help. Puro has managed alone since then, but his story has taken another dark twist – one that has shaken him to the core. A data breach at Vastaamo led to Puro and thousands of other vulnerable people being extorted by criminals who threatened to expose their highly sensitive data.

Here’s The Guardian’s report from October.

‘Shocking’ hack of psychotherapy records in Finland affects thousands (The Guardian)
Distressed patients flooded victim support services over the weekend as Finnish police revealed that hackers had accessed records belonging to the private company Vastaamo, which runs 25 therapy centres across Finland. Thousands have reportedly filed police complaints over the breach. Many patients reported receiving emails with a demand for €200 (£181) in bitcoin to prevent the contents of their discussions with therapists being made public.

Devastating for the patients affected as well as the therapy company itself, Vastaamo.

Vastaamo fires CEO, saying he knew about hacking for 18 months (Helsinki Times)
The psychotherapy centre has determined that its database was hacked in November 2018. Nixu, a Finnish cybersecurity company, found later in its investigation that the centre was targeted also in another hacking, in March 2019. “It’s very likely that the chief executive has known about the issue at that point,” Kahri stated to Ilta-Sanomat.

Hacked Finnish therapy business collapses (Computer Weekly)
Vastaamo, the Finland-based private psychotherapy practice that covered up a cyber attack on its patient record system in 2018 and then saw its patients directly extorted by cyber criminals, has collapsed into bankruptcy with its services to be acquired by medical services firm Verve.

Hacked psychotherapy centre Vastaamo files for bankruptcy (Yle Uutiset)
The firm was placed under liquidation in late January. Lassi Nyyssönen from Fenno Attorneys at Law was appointed as liquidator, but after assessing the situation decided that it was not feasible to carry out liquidation proceedings. “It very quickly became clear that the company’s clear, undisputed debts exceed the amount of its assets. That does not of course include possible damages that it may have to pay due to the data breach,” Nyyssönen told Yle.

A sign of the times?

Vastaamo breach, bankruptcy indicate troubling trend (SearchSecurity)
Prior to learning of the Vastaamo hack, Hypponen said he believed that most attackers are motivated by financial information. “If you’re trying to make money with your criminal attacks, medical information is not a very good target for you. Well turns out, I might have been wrong,” he said during the webinar. “It might be now the case that we are seeing the beginning of the next trend — a trend where medical information is becoming a prime target for financially motivated criminals. They might not just be blackmailing the organization with the encryption of data, but the patients themselves.”

Author: Terry Madeley

Works with student data and enjoys reading about art, data, education and technology.
