BreachExchange mailing list archives
Psychotherapy centre's database hacked, patient info held ransom
From: Destry Winant <destry () riskbasedsecurity com>
Date: Thu, 22 Oct 2020 09:31:56 -0500
https://yle.fi/uutiset/osasto/news/psychotherapy_centres_database_hacked_patient_info_held_ransom/11605460 The privately-run psychotherapy centre Vastamo announced that sensitive information about its clients was leaked after its database was recently hacked, according to a company release issued on Wednesday. The Helsinki-based company said that the hackers who stole the data made attempts to extort money in exchange for its return. Vastamo's board chair, Tuomas Kahri, told Yle that the National Board of Investigation is looking into the matter. However, Kahri did not reveal the amount of personal data that was leaked, nor when the centre's database was hacked. In its announcement about the incident on its website, the company said that customer data entered to the database after November 2018 had not been compromised. The firm said it had also contacted the National Cyber Security Centre, the National Supervisory Authority for Welfare and Health (Valvira) and the Office of the Data Protection Ombudsman about the matter. The company statement said its data security systems had undergone an audit and are being more effectively monitored. Tabloid paper Ilta-Sanomat was first to report on the matter. The publication said it had seen what it described as personal information about patients posted online, including sensitive data including their names. "As a company that provides psychotherapy services, the confidentiality of customer information is extremely important to us and is the starting point of all our operations. We deeply regret the leak due to the hack. We are constantly developing our information security and data protection, and we will take additional measures when our internal investigations and regulatory probes are complete," Kahri said in the statement, adding that the firm had not announced the leak previously due to the ongoing police investigation. _______________________________________________ BreachExchange mailing list sponsored by Risk Based Security BreachExchange () lists riskbasedsecurity com If you wish to Edit your membership or Unsubscribe you can do so at the following link: https://lists.riskbasedsecurity.com/listinfo/breachexchange
Current thread:
- Psychotherapy centre's database hacked, patient info held ransom Destry Winant (Oct 22)