![This photo taken on August 4, 2020 shows Prince, a member of the hacking group Red Hacker Alliance who refused to give his real name, using his computer at their office in Dongguan, China's southern Guangdong province. - From a small, dingy office tucked away in an industrial city in southern China, one of China's last "volunteer hacker" groups maintains a final outpost in its patriotic hacking war. (Photo by NICOLAS ASFOURI / AFP) / TO GO WITH China-hacking-security,FOCUS by Laurie Chen / The erroneous mention[s] appearing in the metadata of this photo by NICOLAS ASFOURI has been modified in AFP systems in the following, we removed the HOLD HOLD HOLD in the main caption. Please immediately remove the erroneous mention[s] from all your online services and delete it (them) from your servers. If you have been authorized by AFP to distribute it (them) to third parties, please ensure that the same actions are carried out by them. Failure to promptly comply with these instructions will entail liability on your part for any continued or post notification usage. Therefore we thank you very much for all your attention and prompt action. We are sorry for the inconvenience this notification may cause and remain at your disposal for any further information you may require. (Photo by NICOLAS ASFOURI/AFP via Getty Images)](https://media.cnn.com/api/v1/images/stellar/prod/210621154549-hackers-keyboard.jpg?q=x_0,y_131,h_1419,w_2523,c_crop/w_250)
The confidential records of thousands of psychotherapy patients in Finland have been hacked and some are now facing the threat of blackmail.
Attackers were able to steal records related to therapy sessions, as well as patients’ personal information including social security numbers and addresses, according to Vastaamo, the country’s largest private psychotherapy center. The stolen records do not spell out specific discussions with patients, but they do include care plans and narrower professional entries.
Authorities are working to track down patients who received emails threatening to disclose personal information unless the recipient pays the blackmailer. Some of the records have already leaked online.
Finnish police are working with other agencies to investigate the data breach that targeted Vastaamo, which treats roughly 40,000 patients across the country. Police believe the number of affected patients could rise to the tens of thousands.
“We are grateful for how various actors in society have helped the police,” said Marko Leponen, a detective inspector at Finland’s National Bureau of Investigation. “It is particularly great that citizens are urging all not to share this material on social media. Sharing such information fulfills the essential elements of an offence,” he added.
Some of the victims have received emails demanding payments in bitcoin to prevent the public disclosure of their personal information, which authorities are discouraging victims from doing. Instead, agencies are asking those patients to save extortion emails and other possible evidence they may have received and file a police report. Police have also discouraged people from paying the hackers, saying it will not ensure their data remains private.
Finland’s leaders have expressed dismay at the breach and said the victims need immediate support.
“This data breach is shocking in many ways,” Finland’s Prime Minister, Sanna Marin, said on Twitter Saturday. “Victims now need support and help. Ministries are exploring ways to help victims. Action by municipalities and organizations are also needed.”
The country’s president Sauli Niinistö told Yle News on Sunday that the breach was “relentlessly cruel.”
“We all have our inner personality that we want to protect. Now it has been violated,” he said.
Vastaamo said it has started an internal inquiry into the matter and admitted on its website Monday that its patient database was first accessed by hackers back in November 2018. The company said security flaws continued to persist until March 2019. The company also announced Monday it had fired its CEO, Ville Tapio, after it was discovered he concealed a breach from the company’s board and parent company.
Tapio said he did not know about the initial data breach back in November 2018, in a statement released Monday evening on his Facebook page.
Finland’s transport and communications agency, Traficom, said on Monday it has worked with other public authorities to set up a website to help the victims.
“In this concerning situation, the need arose to make up-to-date information available in a single place,” Traficom director-general Kirsi Karlamaa said. “We hope that the site is useful to them in this difficult situation.”
CNN’s Sharif Paget contributed to this report from Atlanta.
