freshidea - stock.adobe.com

Highly unusual hacking attack directly threatens therapy patients

A hacker has directly contacted therapy patients to say their highly personal therapy notes will be put on the internet unless they pay the ransom

In what has been described as  a “highly unusual ransomware case”, a hacker is demanding money directly from patients after an electronics patients record (EPR) system in Finland was hacked.

According to news reports, private psychotherapy clinic Vastaamo was broken into and the therapist notes for up to 40,000 patients were stolen. It is believed that the hacker tried to extort money from the company first. When it refused, the hacker began emailing the patients whose medical records and therapy notes were stolen, asking each person for €200 ransom paid by bitcoin.

In a tweet, Mikko Hyppönen, chief research officer at F-Secure, said: “The attacker calls himself ‘ransom_man’, is running a Tor site on which he has already leaked the therapist session notes of 300 patients. This is a very sad case for the victims, some of which are underage. The attacker has no shame.”

Responding to Hyppönen’s comment, F-Secure software engineer, Jarre Leskinen, tweeted: “Based on blockchain transactions #vastaamo likely already paid their ransom and now the attacker is still blackmailing the victims individually. This is totally disgusting.”

It is believed that the hacker had previously spoken to Vastaamo to threaten the release of the data unless the company paid €400,000.

In a video blog about the incident, Finnish e-commerce expert Artem Daniliants said that in 2018, the company had its EPR system hacked and data was stolen. This data was released over the weekend and posted on a Tor-powered forum. He said the hackers asked Vastaamo for a ransom believed to be 500,000 bitcoins.

According to Daniliants, in Finland, an EPR system needs to be audited by the government to ensure it meets a certain level of security. This can be costly and time-consuming, so the Finnish government provides a less stringent policy for EPR systems, classified as “B-level”, which Daniliants said does not require the security audit.

“Vastaamo had a B-level EPR system and had the server exposed publicly,” said Daniliants. This generally goes against best practices for securing EPR systems, where external access is secured via a virtual private network (VPN).

“Their system was exposed to the whole internet and, unfortunately, according to the information I was able to find, it was Apache and PHP,” he said, adding that the company was running outdated versions of these open source servers, which had lots of security holes. “Most likely, the hackers just ran a security scan and found the vulnerable servers.”

BBC News spoke to one victim who said he was contacted by the hacker, going under the pseudonym “ransom guy”, who said the ransom would go up from €200 to €500 if it was not paid within 24 hours. After 72 hours, the victim said the hacker threatened to release the notes from his therapy sessions onto Tor.

Daniliants said the hackers have set up bitcoin wallets for all the Vastaamo patients they contacted directly. “They [ask] you to transfer money in bitcoins to that particular wallet in order to get your data erased,” he added,

Hyppönen said: “I’m aware of only one other patient blackmail case that would be even remotely similar – the Center for Facial Restoration incident in Florida in 2019. This was a different medical area and had a smaller number of victims, but the basic idea was the same.”

Read more about data theft

  • In this e-guide, we will explore the links between ransomware attacks, data breaches and identity theft.
  • Ransomware threatens to put your data beyond reach, so the best way to prepare is to have good-quality data you can restore from backup. We look at the key things to consider.
Content Continues Below

Read more on Data breach incident management and recovery

Join the conversation

15 comments

Send me notifications when other members comment.

Please create a username to comment.

Have you gotten your bitcoin stolen from your wallet or invested in an ICO
that turned out to be a scam? you are not alone because this happened to me
too. I initially lost GBP257,000 in just three months from Cryptoallday and
a couple of others. I contacted the authorities and they referred me to R E C O V E R C O I N @ R E S C U E T E A M . C O M who helped me recover all my funds within 2 days. I’m speaking up to improve awareness of these cryptocurrency thieves and help as much as I can to reduce victims to the nearest minimum.
Cancel

I googled a few recovery companies and after a few days of research I came across R E C O V E R C O I N @ R E S C U E T E A M . C O M. that helped me recover my lost coins, I was very skeptical as can be imagined but I’m glad to say my bitcoin was recovered and sent back to me after 3 working days.

Cancel

I thought it was all gone but thanks to R E C O V E R C O I N @ R E S C U E T E A M . C O M I got it all back.

Cancel
Thank you very much R E C O V E R C O I N @ R E S C U E T E A M . C O M
Cancel

All I can say is Thank you! I love how everything came together as well. I’ve already recommended you to a few people.

Cancel

If you need your stolen cryptocurrency back, contact this company. they are fast and very good

Cancel

 

The only way you can get your money is by hiring a professional recovery expert to help you break into the Firms database security system, using the information you provide, extract your file and get back your Bitcoin. I highly recommend this professional recovery agency: F A S T F U N D S R E C O V E R Y 9 8 @ S O L U T I O N 4 U . C O M.

Cancel

 You should file a complaint directly to him at (F A S T F U N D S R E C O V E R Y 9 8 @ S O L U T I O N 4 U . C O M ) in case u need help recovering your lost transactions, i recently recovered mine within an hour.

Cancel

if you are ever in a situation where your Bitcoin gets stolen or lost, i recommend contacting the email;   Q U I C K C O I N R E C O V E R Y 1 1 0 @ C O N S U L T A N T . C O M". They really do great jobs. They come highly recommended, they helped me recover my stolen Bitcoin from a scam cryptocurrency site.

Cancel

If your cryptocurrency has been stolen contact the right people to get it for you. I was able to recover 5BTC stolen from my wallet. Reach out to B T C R E C O V E R Y 1 0 1 @ C O N S U L T A N T . C O M. I strongly recommend their services! They are the best when it comes to recovering lost funds.

Cancel

I was scammed too and I never thought recovery was a real deal until I crossed paths with a very experienced and reliable recovery agency M O N E Y R E C O V E R Y 0 0 1 @ S O L U T I O N 4 U . C O M, I have successfully gotten back my funds, Thanks to this team for the hard work and time dedicated for my work. You are the best

Cancel

I got ripped off by an investment company named cryptoallday by sending them all my life savings, in total I invested $70,000 of my trust-fund money and was hoping to triple my capital in a week as they promised. When it was time to withdraw my profit I was being coerced into sending more money for my cashout which I ignorantly did.. To cut the long story short I lost all the money and was left with nothing so I began searching the whole web for somebody who could recover stolen bitcoins. I searched for at least 4 months and came across different rippers again but I couldn't quit because I had nothing more to lose paying anybody to get my $76,000 (total amount I paid them). 

Finally, I came across a recovery company on google and reached out to them via gmail bitcoinretrieval2018 gmail com and they did excellent in helping me recover my bitcoins. I was counseled by their group of experts and learned more about Bitcoins, at the same time recovered my total money lost, I can confidently refer anybody that was in my situation to them because I'm sure they offer genuine help. Be careful out there guys 

Cancel

I am not one of the hundreds of people who were victims of binary option Fraud but have been rescued by M O N E Y R E C O V E R Y 0 0 1 @ S O L U T I O N 4 U . C O M. They did an excellent job in securing back the funds which was invested by Iq options. I was not able to withdraw the funds anymore but with MONEY RECOVERY SOLUTION, I was treated as a no 1 priority and it ended successfully.

Cancel
The rate people steal bitcoin is overwhelming, i met a certain an investment broker at and she did a very calculative maths for me about how i could make tipple of my capital, so i decided to go ahead with the investment $540, 000 of my hard earned sweat of 20 years in 7 accounts.I was able to withdrawal just $10, 000 at first and then i couldn't get any of my initial capital back. I called then several time and also sent emails but all to no avail. I was referred to BLACKJOCKER10x @ PROTONMAIL COM who had recovered 100% of my lost funds to me. I couldn't believe at first that this was possible because i lost hopes in contacting anyone on the internet, but i guess not everybody is bad after all.
Cancel

I was completely taken in by a binary option company, and soon they had all my deposits and profits. Later, I found out that I couldn't withdraw my funds. I called my account manager but nothing was done. I tried so many different ways, but no luck, and had given up. However, R E C O V E R C O I N @ R E S C U E T E A M . C O M completely took control and got back all of my money!

Cancel

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close