Tag: hacker attack

Patients blackmailed after data breach at Finnish private psychotherapy center

9. November 2020

An unknown party breached Vastaamo, a Finnish private psychotherapy center. They accessed the electronic patient record system and gathered thousands of confidential patient records. According to a message left on a Finnish web forum, they accessed up to 40 000 confidential records of psychotherapy patients. These include not only confidential information about therapy sessions but also personal information, such as the social security number. In Finland, this number allows whoever uses it to take out credit or found companies. On September 29th Vastaamo notified the Finnish authorities, while it notified the affected patients by e-mail and letter after October 21st.

Though the attack prompted an emergency meeting of the Finnish Cabinet, neither the Finnish authorities nor Vastaamo have so far released information about the nature of the breach.

The initial breach likely occurred in November 2018, and a second attack is believed to have occurred before March 2019. In September 2020, the hackers contacted Vastaamo, demanding a payment of 40 Bitcoin (€ 450 000,00). Vastaamo refused to pay and instead contacted the police and other Finnish authorities. On instruction from the Finnish National Police, Vastaamo published information about the data breach only after some of the data was published on the Tor Network on October 21st. Furthermore, the Board dismissed former CEO Ville Tapio, claiming he concealed the breach.

Also, in late October, the hackers sent messages to patients and employees of Vastaamo, threatening to post their patient files on the internet and demanding payments in Bitcoin. The national police advise victims against paying the hacker and instead ask them to save extortion e-mails or other evidence and file a police report. By October 30th, Finland’s national police had received up to 15 000 reports of offenses relating to this data breach.

The National Supervisory Authority for Welfare and Health started an investigation of Vastaamo, while the Social Insurance Institution of Finland stopped referrals to Vastaamo.

Since the beginning of the Covid-19 pandemic, the healthcare and public health sectors have been attacked more frequently, especially with ransomware. The FBI’s Cyber Security Unit (CISA) and the US Department of Health and Human Services have issued a joint advisory on the matter. In addition, according to IBM’s annual Cost of a Data Breach Report, the healthcare sector has the highest average breach cost, at 7.13 million per breach.

easyJet Data Breach: 9 million customers affected

22. May 2020

The British airline ‘easyJet’ has been hacked. The hackers have been able to access personal data of approximately 9 million customers.

easyJet published a statement on the hacker attack and announced that e-mail addresses and travel details were among the affected personal data of customers. Exactly which personal data counts as ‘travel data’ was not disclosed. In some cases, the hackers could also access credit card data. easyJet stated that there is no proof that the accessed personal data was misused. easyJet now warns about fake e-mails sent in its name as well as in the name of ‘easyJet Holidays’.

The hack was noticed by easyJet in January, but was only made public this week. On becoming aware of the attack, easyJet took several measures and has since blocked the unauthorized access. easyJet is also in contact with the British Data Protection Authority ‘ICO’ and the National Security Center.

At this time, easyJet has not yet been able to determine how the attack could have occurred, but easyJet explained that it was no ‘general’ hacker attack, since it was very sophisticated compared to other hacker attacks. It is suspected that the attack originated from a group that has already hacked other airlines, such as British Airways in 2018.

easyJet announced that it will contact the affected data subjects by May 26th to inform them about the breach and to explain further measures that should be taken to reduce the risk. easyJet customers who have not received a notification by then are not affected by the breach.

In connection with hacker attacks like these, the highest risk is that of phishing attacks. In phishing attacks, criminals use fake e-mails, for example on behalf of well-known companies or authorities, to try to persuade users to pass on personal data or to click on prepared e-mail attachments containing malware.

Australia: Parliament and Parties hacked

18. February 2019

Prime Minister Scott Morrison reports that the governing Liberal Party of Australia and the governing National Party of Australia, as well as the strongest opposition party, the Labor Party, were the target of a cyber attack on Parliament’s server. It is assumed that the server was attacked by a foreign government. The ministers and their offices were not affected by the breach because they operate on different computer servers.

The attack was discovered on the 8th of February 2019 during an investigation of a breach of Parliament House’s computer. According to the statement of the nation’s chief cyber security adviser, Alistair MacGibbon, who is the head of the Australian Cyber Security Centre, it is too early to tell whether and what information the hackers had accessed.

At the moment, any influence on the upcoming nationwide elections can be ruled out.

As a first measure, the security agency reset passwords after detecting the breach, so that the politicians and their staff lost access to their e-mails.