Finnish Patients Blackmailed After Clinic Data Breach - Comment from an Opentext company Webroot
October 2020 by Matt Aldridge, Principal Solutions Architect, Webroot
The confidential treatment records of tens of thousands of psychotherapy patients in private psychotherapy clinic Vastaamo, in Finland, have been hacked and some leaked online. Many patients reported receiving emails with a demand for €200 (£181) in bitcoin to prevent the contents of their discussions with therapists being made public.
Matt Aldridge, Principal Solutions Architect, Webroot coment:
“As organisations increasingly rely on digital technologies to streamline their services, hackers are finding new ways to attack IT systems and steal data. This is not just an issue for the health sector – the number of cyber-attacks is rising across all industries.
Unfortunately, in this case, the use of sensitive stolen data is being used as a means to enable further attacks, and it is much easier to fool or blackmail victims once you know details about them.
To mitigate future attacks, there must be robust measures in place to reduce the risks as much as possible and strict controls on how patient data can be stored. Staff training is also essential for defending against cyber-attacks, and employees need to know what to look out for. The training materials used need to be updated continuously to reflect the latest threat trends, and regular simulations should be run to ensure that the training has the desired effect.
This cruel attack is a clear reminder that many cybercriminals have no moral code and will stop at nothing to get paid. It is crucial for any organisation storing sensitive data to perform regular reviews of their security posture and to ensure that appropriate investments are made to minimise the risk of data loss.”