The threat of cyber attacks has reached a new level. Cybercriminals no longer only target companies, but increasingly also individuals. The cyber attack on the psychotherapy company Vastaamo, as a result of which patients were extorted for vulnerability, recently showed how serious the consequences can be.
Hackers are increasingly attacking companies and infrastructures such as the healthcare industry. In addition, their attacks have hit a new low, with cybercriminals beginning to use ransom against individuals affected by data leaks. The cyber attack on the Finnish company Vastaamo is a particularly illuminating and cruel example of this new threat. Vastaamo suffered a data leak in which around 40,000 patient documents were stolen. The results show the serious consequences of inadequate cybersecurity.
First, a cyber criminal demanded a leak from the company. This requirement was then very quickly extended to individual patients affected by the data. The hacker announced in a Finnish website that he had started to publish patient information on networks. The announcement was alarming as the compromised information contained psychotherapeutic counseling logs from thousands of people, including children, whose names are linked to the files. At the same time, the attacker blackmailed individual patients by email.
Ransom Demand On Individuals
This ransom demand on individuals is what makes this case so worrying. It gives the data leak a new component. Not only are the most intimate thoughts of those affected revealed, but the same people are also under pressure to pay a ransom. In the Vastaamo case, hackers use data against unstable people, isolate them and thus restrict files. The efforts of the security community are all the more commendable: a website helps victims deal with the consequences of the leak and prevent data theft and damage to their reputation.