What happened in the Vastaamo data breach?
Twingate Team
•
Mar 26, 2024
In October 2020, Vastaamo, a Finnish psychotherapy service provider, experienced a significant data breach that exposed sensitive patient information. The breach dates back to late 2018 and early 2019, and the hackers targeted both the company and its patients. This incident raised serious concerns about data privacy and the security measures in place to protect sensitive information in the healthcare industry.
How many accounts were compromised?
The breach impacted data related to approximately 30,000 individuals.
What data was leaked?
The data exposed in the breach included email addresses, names, social security numbers, and personal health information from psychotherapy sessions.
How was Vastaamo hacked?
The Vastaamo data breach occurred when hackers exploited inadequate security practices, gaining access to the company's unencrypted and non-anonymized patient database. The breach was a result of the system root not having a defined password.
Vastaamo's solution
Vastaamo took several steps to address the situation and mitigate the impact on its patients. The company offered free counseling sessions to those affected and continued providing therapy services as usual. Additionally, Vastaamo's CEO, Ville Tapio, was terminated, and the company eventually filed for bankruptcy.
How do I know if I was affected?
Vastaamo reached out to affected users following the data breach. If you were a Vastaamo patient and did not receive a notification, you can visit Have I Been Pwned.
What should affected users do?
In general, affected users should:
Change Your Passwords: Immediately update your passwords for any accounts that may have been compromised. Make sure the new passwords are strong and unique, not previously used on any other platform.
Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.
Enable Two-Factor Authentication (2FA): Activate 2FA on any affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.
Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity and report any unauthorized access or transactions to the appropriate parties.
For specific advice on Vastaamo's data breach, contact Vastaamo's support directly.
Where can I go to learn more?
If you want to find more information on the Vastaamo data breach, check out the following news articles:
Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.
What happened in the Vastaamo data breach?
Twingate Team
•
Mar 26, 2024
In October 2020, Vastaamo, a Finnish psychotherapy service provider, experienced a significant data breach that exposed sensitive patient information. The breach dates back to late 2018 and early 2019, and the hackers targeted both the company and its patients. This incident raised serious concerns about data privacy and the security measures in place to protect sensitive information in the healthcare industry.
How many accounts were compromised?
The breach impacted data related to approximately 30,000 individuals.
What data was leaked?
The data exposed in the breach included email addresses, names, social security numbers, and personal health information from psychotherapy sessions.
How was Vastaamo hacked?
The Vastaamo data breach occurred when hackers exploited inadequate security practices, gaining access to the company's unencrypted and non-anonymized patient database. The breach was a result of the system root not having a defined password.
Vastaamo's solution
Vastaamo took several steps to address the situation and mitigate the impact on its patients. The company offered free counseling sessions to those affected and continued providing therapy services as usual. Additionally, Vastaamo's CEO, Ville Tapio, was terminated, and the company eventually filed for bankruptcy.
How do I know if I was affected?
Vastaamo reached out to affected users following the data breach. If you were a Vastaamo patient and did not receive a notification, you can visit Have I Been Pwned.
What should affected users do?
In general, affected users should:
Change Your Passwords: Immediately update your passwords for any accounts that may have been compromised. Make sure the new passwords are strong and unique, not previously used on any other platform.
Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.
Enable Two-Factor Authentication (2FA): Activate 2FA on any affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.
Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity and report any unauthorized access or transactions to the appropriate parties.
For specific advice on Vastaamo's data breach, contact Vastaamo's support directly.
Where can I go to learn more?
If you want to find more information on the Vastaamo data breach, check out the following news articles:
Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.
What happened in the Vastaamo data breach?
Twingate Team
•
Mar 26, 2024
In October 2020, Vastaamo, a Finnish psychotherapy service provider, experienced a significant data breach that exposed sensitive patient information. The breach dates back to late 2018 and early 2019, and the hackers targeted both the company and its patients. This incident raised serious concerns about data privacy and the security measures in place to protect sensitive information in the healthcare industry.
How many accounts were compromised?
The breach impacted data related to approximately 30,000 individuals.
What data was leaked?
The data exposed in the breach included email addresses, names, social security numbers, and personal health information from psychotherapy sessions.
How was Vastaamo hacked?
The Vastaamo data breach occurred when hackers exploited inadequate security practices, gaining access to the company's unencrypted and non-anonymized patient database. The breach was a result of the system root not having a defined password.
Vastaamo's solution
Vastaamo took several steps to address the situation and mitigate the impact on its patients. The company offered free counseling sessions to those affected and continued providing therapy services as usual. Additionally, Vastaamo's CEO, Ville Tapio, was terminated, and the company eventually filed for bankruptcy.
How do I know if I was affected?
Vastaamo reached out to affected users following the data breach. If you were a Vastaamo patient and did not receive a notification, you can visit Have I Been Pwned.
What should affected users do?
In general, affected users should:
Change Your Passwords: Immediately update your passwords for any accounts that may have been compromised. Make sure the new passwords are strong and unique, not previously used on any other platform.
Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.
Enable Two-Factor Authentication (2FA): Activate 2FA on any affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.
Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity and report any unauthorized access or transactions to the appropriate parties.
For specific advice on Vastaamo's data breach, contact Vastaamo's support directly.
Where can I go to learn more?
If you want to find more information on the Vastaamo data breach, check out the following news articles: