Helsinki (AP) – Finland’s interior minister summoned hundreds of cabinet members to an emergency meeting on Sunday – including information about possibly thousands of additional patients at a private Finnish psychiatry center, given by a hacker or hacker who is seeking a ransom Were. From customers.
Finnish Interior Minister Maria Ohisalo tweeted that authorities provided “quick crisis assistance to victims” for a security breach at the Vastao psychiatry center, an incident they called “shocking and very serious”.
Vastaamo, which has 5.5 million Nordic branches across the country and works as a subcontractor for Finland’s public health system, said its customers with intimate patient information during two attacks that began about two years ago The register was stolen.
“The first intrusion probably occurred in November 2018,” Vastaome said in a statement late Saturday, and “it is likely that our (data) system penetrated in late November 2018 and March 2019 as well.”
The center said that at least 300 patient records were published by unknown criminals or criminals that included names and contact information using anonymous Tor communication software. “The blackmailer has started contacting the victims of the security breach directly with a letter of contact,” it said.
The National Bureau of Investigation said that Vastamo’s “tens of thousands” of customers may have tampered with their personal data on Sunday. Police were searching for potential criminals both in Finland and abroad.
If the stolen information included a diagnosis, notes from medical sessions or other potentially harmful information, it was not immediately clear. Furthermore, it was unclear why the information was only now being exposed.
“What makes this case extraordinary is the content of the stolen material,” Marco Leponen, the chief investigator of the National Bureau of Investigation assigned to the case, told reporters.
Vastaamo urged customers to pay money in exchange for keeping their information private – reportedly dozens already – to contact Finnish police immediately.
The Finnish media reported that cybercriminals have demanded a ransom of 200 euros ($ 240) paid in bitcoins, unless paid within 24 hours. The psychiatry center also reportedly demanded a ransom of 450,000 euros ($ 534,000) in bitcoin.
Citizens reacted to the news with disbelief. It also prompted comments from Finland’s leaders. President Sauli Ninisto called blackmailing “cruel” and “repulsive”. Prime Minister Sana Marin said the hacking of such sensitive information was shocking in many ways.
The chief research officer of Finnish data security company F-Secure, Miko Hepponen, told the Finnish public broadcaster YLE that the case was also extraordinary internationally.
Hypönen, one of Finland’s leading data security experts and an internationally known lecturer on cyber threats, said, “I am not aware of any such case anywhere in the world with such misuse of patient records.” “
Hipponen also tweeted He “knew of only one other patient blackmail case that would be even remotely similar: the Center for Facial Restoration incident in Florida in 2019. It was a different medical area and had fewer victims, but the original idea was the same.” Was. ”
Various Finnish organizations have increasingly found ways to help victims of breech, including direct dial-in numbers with churches and medical services.
This version has been corrected to show the data security expert, saying that this case is extraordinary and not unethical.