DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Finnish therapy clinic’s CEO fired after nightmare breach

Posted on October 28, 2020 by Dissent

There’s a small update to the horrific breach involving Finnish psychotherapy patients seen at Vastaamo locations.

Vastaamo’s CEO  Ville Tapio has been fired. Graham Cluley brings us up to date on that:

An investigation has uncovered that the database of customer details and therapy session notes was first breached in November 2018, but there was another security breach in mid-March 2019 which apparently CEO Ville Tapio knew about but – for reasons best known to himself – did not inform the appropriate authorities or with other members of Vastaamo’s board.

News of Vastaamo’s devastating data breach was not made public until 18 months later on October 21, 2020, and Tapio was dismissed yesterday.

So there was a second breach, it seems, and it wasn’t just one bigger breach.  Okay.

Another new revelation may not be related to the specific breach as much as sloppy data security and violation of GDPR. YLE.fi reports:

The troubled psychotherapy centre Vastaamo sent at least some of its customers invoices that included their government-issued personal ID numbers in unsecured emails.

The private mental health services firm has been at the centre of a hacking and blackmail scandal for the past week after it emerged that highly sensitive information on thousands of patients had been stolen from its database.

Read more about that issue on YLE.fi.

Related posts:

  • Young Finnish man detained in absentia over data breach at Vastaamo
Category: HackHealth DataNon-U.S.

Post navigation

← Japan’s Nuclear Regulator Suspects Cyberattack, Halts Email
AU: ADHA records two My Health Record security incidents in FY20 →

2 thoughts on “Finnish therapy clinic’s CEO fired after nightmare breach”

  1. KC Massage says:
    October 28, 2020 at 10:38 pm

    OMG I wonder what happened to the patients if they’ve been blackmailed or what

    1. Dissent says:
      October 28, 2020 at 10:43 pm

      Read the original coverage. They’re being extorted. This is one of the worst breaches ever.

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Russia Jailed Hacker Who Worked for Ukrainian Intelligence to Launch Cyberattacks on Critical Infrastructure
  • Kentfield Hospital victim of cyberattack by World Leaks, patient data involved
  • India’s Max Financial says hacker accessed customer data from its insurance unit
  • Brazil’s central bank service provider hacked, $140M stolen
  • Iranian and Pro-Regime Cyberattacks Against Americans (2011-Present)
  • Nigerian National Pleads Guilty to International Fraud Scheme that Defrauded Elderly U.S. Victims
  • Nova Scotia Power Data Breach Exposed Information of 280,000 Customers
  • No need to hack when it’s leaking: Brandt Kettwick Defense edition
  • SK Telecom to be fined for late data breach report, ordered to waive cancellation fees, criminal investigation into them launched
  • Louis Vuitton Korea suffers cyberattack as customer data leaked

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • On July 7, Gemini AI will access your WhatsApp and more. Learn how to disable it on Android.
  • German court awards Facebook user €5,000 for data protection violations
  • Record-Breaking $1.55M CCPA Settlement Against Health Information Website Publisher
  • Ninth Circuit Reviews Website Tracking Class Actions and the Reach of California’s Privacy Law
  • US healthcare offshoring: Navigating patient data privacy laws and regulations
  • Data breach reveals Catwatchful ‘stalkerware’ is spying on thousands of phones
  • Google Trackers: What You Can Actually Escape And What You Can’t

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.