DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Finnish therapy clinic’s CEO fired after nightmare breach

Posted on October 28, 2020 by Dissent

There’s a small update to the horrific breach involving Finnish psychotherapy patients seen at Vastaamo locations.

Vastaamo’s CEO  Ville Tapio has been fired. Graham Cluley brings us up to date on that:

An investigation has uncovered that the database of customer details and therapy session notes was first breached in November 2018, but there was another security breach in mid-March 2019 which apparently CEO Ville Tapio knew about but – for reasons best known to himself – did not inform the appropriate authorities or with other members of Vastaamo’s board.

News of Vastaamo’s devastating data breach was not made public until 18 months later on October 21, 2020, and Tapio was dismissed yesterday.

So there was a second breach, it seems, and it wasn’t just one bigger breach.  Okay.

Another new revelation may not be related to the specific breach as much as sloppy data security and violation of GDPR. YLE.fi reports:

The troubled psychotherapy centre Vastaamo sent at least some of its customers invoices that included their government-issued personal ID numbers in unsecured emails.

The private mental health services firm has been at the centre of a hacking and blackmail scandal for the past week after it emerged that highly sensitive information on thousands of patients had been stolen from its database.

Read more about that issue on YLE.fi.

Related posts:

  • Administrative fine imposed on psychotherapy centre Vastaamo for data protection violations
  • A nightmare breach involving psychotherapy records just got worse
  • Young Finnish man detained in absentia over data breach at Vastaamo
  • Thousands of Vastaamo leak victims seek higher compensation
Category: HackHealth DataNon-U.S.

Post navigation

← Japan’s Nuclear Regulator Suspects Cyberattack, Halts Email
AU: ADHA records two My Health Record security incidents in FY20 →

2 thoughts on “Finnish therapy clinic’s CEO fired after nightmare breach”

  1. KC Massage says:
    October 28, 2020 at 10:38 pm

    OMG I wonder what happened to the patients if they’ve been blackmailed or what

    1. Dissent says:
      October 28, 2020 at 10:43 pm

      Read the original coverage. They’re being extorted. This is one of the worst breaches ever.

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024
  • Battlefords Union Hospitals notifies patients of employee snooping in their records
  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.