A group of hackers managed to compromise the networks of Vastaamo, a psychotherapy clinic established in Finland in order to block access to information and demand a ransom in exchange for restoring everything to normal. This clinic has more than 20 branches throughout the country, including one in the capital, Helsinki.
In this regard, the company has already released a statement acknowledging the incident: “A threat actor has contacted us stating that it has access to confidential information from our customers; we are aware that data from some registered users after November 2018 has been exposed as a result of this intrusion.”
Although the company makes no mention of the method of attack it suffered, local media reports that the company is being extorted by an unidentified hacking group. Vastaamo has already notified the incident to the competent authorities, in addition to initiating an internal investigation.
In addition to initiating the investigation of this incident, the company’s IT team has begun implementing better security measures to prevent similar incidents from happening again: “We are doing our best to prevent the leakage of sensitive data,” the company’s release says.
It is unclear whether Vastaamo suffered a ransomware attack, although everything indicates that it is one, as this is not the first time the company suffers a similar incident. A few months ago, a group of ransomware operators encrypted the victims’ systems, as well as extracting their users’ data and employing it to extort the company.
As in other incidents, cybersecurity specialists do not recommend paying extortionists as there is no guarantee about information retrieval.
Finally, Vastaamo customers are advised to closely monitor their bank statements and not respond to any unsolicited email or text message or where they are asked to provide their login credentials.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.