[go: up one dir, main page]

An Entity of Type: Thing, from Named Graph: http://dbpedia.org, within Data Space: dbpedia.org

Vastaamo was a Finnish private psychotherapy service provider founded in 2008. On 21 October 2020, Vastaamo announced that its patient database had been hacked. Private information obtained by the perpetrators was used in an attempt to extort Vastaamo and, later, its clients. The extorters demanded 40 bitcoins, roughly 450,000 euros, and threatened to publish the records if the ransom was not paid. To add pressure to their demands, the extorters published hundreds of patient records a day on a Tor message board. After extortion of the company failed, the extorters sent emails to the victims demanding them to pay ransoms in order to avoid publishing their sensitive personal data. The ransom demands were sent to roughly 30,000 victims. The company's security practices were found to be inadeq

Property Value
dbo:abstract
  • Vastaamo was a Finnish private psychotherapy service provider founded in 2008. On 21 October 2020, Vastaamo announced that its patient database had been hacked. Private information obtained by the perpetrators was used in an attempt to extort Vastaamo and, later, its clients. The extorters demanded 40 bitcoins, roughly 450,000 euros, and threatened to publish the records if the ransom was not paid. To add pressure to their demands, the extorters published hundreds of patient records a day on a Tor message board. After extortion of the company failed, the extorters sent emails to the victims demanding them to pay ransoms in order to avoid publishing their sensitive personal data. The ransom demands were sent to roughly 30,000 victims. The company's security practices were found to be inadequate: the sensitive data was not encrypted and anonymized and the system root did not have a defined password. The patient records were first accessed by intruders in November 2018, while the security flaws continued to exist until March 2019. In December 2021, the Finnish Data Protection Authority (DPA) fined Vastaamo 608,000 euros for violating the provisions of the General Data Protection Regulation (GDPR). This cyber-attack became the biggest criminal case in Finland history. It also turned into an international scandal and a cyber-attack unprecedented in its scope due to the tactic called double extortion applied by the cyber criminals. On October 28, 2022, the National Bureau of Investigation named the suspect behind the breach as 25-year-old Aleksanteri Julius Kivimäki. Kivimäki was charged in absentia at Helsinki District Court for aggravated data breach, aggravated attempted extortion, aggravated distribution of information infringing private life, blackmail, breach of confidentiality, breach of confidentiality and falsification of evidence. A warrant was filed with Europol and Interpol against Kivimäki, who has said he was in Dubai. In 2015, Kivimäki, then a member of Lizard Squad, was found guilty on over 50,000 counts of computer crime. (en)
dbo:thumbnail
dbo:wikiPageID
  • 65699237 (xsd:integer)
dbo:wikiPageLength
  • 17272 (xsd:nonNegativeInteger)
dbo:wikiPageRevisionID
  • 1123051935 (xsd:integer)
dbo:wikiPageWikiLink
dbp:date
  • 0001-10-21 (xsd:gMonthDay)
dbp:location
  • Finland (en)
dbp:suspects
  • Aleksanteri Julius Kivimäki (en)
dbp:target
  • Vastaamo (en)
dbp:type
  • cyberattack, data breach, ransomware (en)
dbp:wikiPageUsesTemplate
dcterms:subject
rdfs:comment
  • Vastaamo was a Finnish private psychotherapy service provider founded in 2008. On 21 October 2020, Vastaamo announced that its patient database had been hacked. Private information obtained by the perpetrators was used in an attempt to extort Vastaamo and, later, its clients. The extorters demanded 40 bitcoins, roughly 450,000 euros, and threatened to publish the records if the ransom was not paid. To add pressure to their demands, the extorters published hundreds of patient records a day on a Tor message board. After extortion of the company failed, the extorters sent emails to the victims demanding them to pay ransoms in order to avoid publishing their sensitive personal data. The ransom demands were sent to roughly 30,000 victims. The company's security practices were found to be inadeq (en)
rdfs:label
  • Vastaamo data breach (en)
owl:sameAs
prov:wasDerivedFrom
foaf:depiction
foaf:isPrimaryTopicOf
is dbo:wikiPageRedirects of
is dbo:wikiPageWikiLink of
is foaf:primaryTopic of
Powered by OpenLink Virtuoso    This material is Open Knowledge     W3C Semantic Web Technology     This material is Open Knowledge    Valid XHTML + RDFa
This content was extracted from Wikipedia and is licensed under the Creative Commons Attribution-ShareAlike 3.0 Unported License