A company offering psychological support and psychotherapy services to thousands of patients in Finland has fallen victim to hackers. As reported by company, The malicious agents keep patient information as a guarantee to be sure they will receive it ransom they have requested.
Η Vastaamo, which serves patients in 20 cities, including Helsinki, Joensuu, Jyväskylä, Pori, Turku and Tampere, says unknown malicious agents contacted the company and informed them that they had the personal data of its patients.
The company immediately informed the authorities, including Finnish Cyber Security Center, the Data Protection Ombudsman and the National Welfare and Health Supervisory Authority. They also contacted independent security experts to see what happened, as well as the National Bureau of Investigation, which has launched an investigation into the incident.
"As a company that provides psychotherapy services, the confidentiality of our clients' information is extremely important to us and the starting point for all our operations. "We are deeply saddened by the data breach," said Tuomas Kahri, chairman of Vastaamo.
"We are constantly developing it safety of information and the protection of our data and we will take additional measures when the investigations are completed ", he added.
Vastaamo says it has not disclosed the matter to the public or its patients so far due to the ongoing police investigation. It is not yet known if the hackers are still holding patient information, if ransom was paid or if the files were recovered. There is no information on the number of patients affected by attack, nor for how long the malicious agents had access to the company's systems. We also do not know how much ransom the hackers demanded.