Therapy clinic Vastaamo has fired its CEO Ville Tapio in the wake of a disastrous data breach which has seen patients’ personal details, as well as notes of what has been discussed in confidential therapy sessions, exposed.
After demanding Vastaamo pay a ransom of 450,000 Euros, the hacker has emailed victims in an attempt to extort 200 Euros worth of Bitcoin.
Victims were told that if they didn’t pay 200 Euros, the ransom would rise to 500 Euros after 24 hours, and then sensitive information would be published online after 72 hours had elapsed.
It is thought that the hacker, who is going by the name “ransom_man”, may have seized psychotherapy session notes related to as many as 40,000 patients, with a 10 GB file containing private notes related to at least 2000 patients already published on the dark web.
To compound the horror of the incident, some of the patients embroiled in the data breach are children.
According to BBC News, Vastaamo has set up a telephone hotline for victims, and is offering those affected “one free therapy session, the details of which will not be recorded.”
Yeah, well. Too bloody right it shouldn’t be recorded.
Sign up to our newsletterSecurity news, advice, and tips.
An investigation has uncovered that the database of customer details and therapy session notes was first breached in November 2018, but there was another security breach in mid-March 2019 which apparently CEO Ville Tapio knew about but – for reasons best known to himself – did ..
Support the originator by clicking the read the rest link below.
