The attackers managed to steal records related to treatment sessions, as well as patients’ personal information including Social Security numbers and addresses, according to Vastaamo, the largest private psychotherapy center in the country. The stolen records do not clarify specific discussions with patients, but they do include narrower care plans and professional entries.
Authorities are working to track down patients who have received emails threatening to reveal personal information unless the recipient pays the blackmailer. Some records have already been leaked online.
Finnish police are working with other agencies to investigate the data breach targeting Vastaamo, which is treating nearly 40,000 patients across the country. Police believe the number of affected patients could rise to tens of thousands.
“We are grateful for how various actors in the community have helped the police,” said Marko Leponen, a detective inspector at the Finnish National Bureau of Investigation. He added, “It is especially great that citizens urge everyone not to share this material on social media. Sharing this information fulfills the basic elements of crime.”
Some victims have received emails requesting Bitcoin payments to prevent public disclosure of their personal information; authorities discourage victims from paying. Instead, agencies require these patients to save blackmail emails and other potential evidence they may have received and file a police report. The police also discouraged people from paying the money to the hackers, saying payment would not guarantee their data would remain confidential.
Finland’s leaders expressed their dissatisfaction with the abuse and said the victims needed immediate support.
“This data breach is shocking in several ways,” Finnish Prime Minister Sanna Marin said on Twitter on Saturday. “Victims now need support and assistance. Ministries are exploring ways to help victims. There is also a need for actions by municipalities and organizations.”
The country’s president, Sauli Niinistö, told Yle News on Sunday that the breach was “relentlessly severe.”
He said, “We all have our inner personality that we want to protect. And now it’s been violated.”
Vastaamo said it had launched an internal investigation into the matter and admitted on its website on Monday that hackers first accessed its patient database in November 2018. The company said the vulnerabilities had continued until March 2019. The company also announced on Monday that it had managed to gain access to its patient database. Its CEO, Ville Tapio, was fired after it was discovered that he had concealed a breach from the company’s board of directors and the parent company.
In a statement posted to his Facebook page on Monday evening, Tapio said he was not aware of the initial data breach in November 2018.
On Monday, the Finnish Transport and Communications Agency, Traficom, said it had worked with other public authorities to create a website to help victims.
“In this worrying situation, the need for providing updated information in one place has arisen,” said Traficom’s General Manager, Kirsi Karlamaa. “We hope that the site will be useful to them in this difficult situation.”
Sharif Paget of CNN contributed to this report from Atlanta.