Alleged Extortioner of Psychotherapy Patients Faces Trial

Prosecutors in Finland this week commenced their criminal trial against Julius Kivimäki, a 26-year-old Finnish man charged with extorting a once popular and now-bankrupt online psychotherapy practice and thousands of its patients. In a 2,200-page report, Finnish authorities laid out how they connected the extortion spree to Kivimäki, a notorious hacker who was convicted in 2015 of perpetrating tens of thousands of cybercrimes, including data breaches, payment fraud, operating a botnet and calling in bomb threats. Continue reading Alleged Extortioner of Psychotherapy Patients Faces Trial

Why the extortion of Vastaamo matters far beyond Finland — and how cyber pros are responding

Even for veterans of cybercriminal investigations, the recent extortion of a psychotherapy practice in Finland has been unusual — and disturbing. Rather than sticking only to the common tactic of trying to shake down a breached organization, the attackers who stole tens of thousands of patient records from Vastaamo also demanded ransoms from individual people. In doing so, the thieves have been leveraging some of the most sensitive medical data imaginable, and making it difficult for victims to respond collectively. “Therapeutic notes are at a different level of privacy problems,” said Mikko Hypponen, chief research officer at Finnish cybersecurity company F-Secure. “I know of a handful of cases where patients were blackmailed for their health data, but those were much smaller breaches. There’s never been a crime in Finland with so many victims as in this one.” While the incident has rocked Finland, prompting an emergency government meeting and costing Vastaamo’s CEO his job, […]

The post Why the extortion of Vastaamo matters far beyond Finland — and how cyber pros are responding appeared first on CyberScoop.

Continue reading Why the extortion of Vastaamo matters far beyond Finland — and how cyber pros are responding

Data breach at Finnish psychotherapy center takes a darker turn with extortion attempts

The response to a data breach at a prominent Finnish psychotherapy practice intensified over the weekend after cybercriminals reportedly posted batches of patient information on the dark web and claimed that individual people could protect their data by directly paying a ransom. The breach at Vastaamo, which has locations throughout Finland, prompted an emergency meeting of the country’s Cabinet on Sunday. The company said the incident happened as early as November 2018. Local news reports say the attackers didn’t contact Vastaamo with any demands until September of this year. Neither the company nor Finnish investigators have released many details about the nature of the breach, but reports say the attackers initially sought a payment of about 450,000 euros to protect about 40,000 patient records. The company reportedly did not pay up. Given the scale of the attack and the sensitive nature of the stolen data, the case has become a […]

The post Data breach at Finnish psychotherapy center takes a darker turn with extortion attempts appeared first on CyberScoop.

Continue reading Data breach at Finnish psychotherapy center takes a darker turn with extortion attempts