[BreachExchange] Psychotherapy centre data breach victims receive extortion emails psychotherapy

Destry Winant destry at riskbasedsecurity.com
Tue Oct 27 10:25:56 EDT 2020


https://yle.fi/uutiset/osasto/news/psychotherapy_centre_data_breach_victims_receive_personalised_extortion_emails/11612230

An extortionist is now sending individual emails to a psychotherapy
centre's patients asking them to transfer hundreds of euros in Bitcoin
to stop their patient records being published online.

As well as their personal data, the extortionist told them that
records of their discussions with therapists would be published.

It is not known whether the extortionist is the same individual or
group that hacked the data in the first place.

Individual emails were sent on Saturday evening, with Yle receiving
messages from 8pm onwards. All the victims described receiving the
same message.

Read more: Victim Support calls increase after psychotherapy centre data hack

The extortionist wrote that recipients must pay 200 euros within 24
hours, or if they don't meet that deadline, 500 euros within 48 hours.

Messages demanded that the payments be made in Bitcoin.

The extortionist threatened to publish personal data and records
psychotherapy sessions if victims did not pay up.

Police advised victims not to comply with the demands, to report the
message and their contents to police, and to keep the message and any
other evidence safe.

The National Bureau of Investigation (NBI) said it is impossible to
say whether the extortionist is the original hacker or not.


More information about the BreachExchange mailing list