Suspect your data has been hacked? Take these steps now

National Cyber Security Centre has compiled a list of recommendations for victims of psychotherapy centre data breach.

Hundreds of patients' sensitive information was leaked online after a data breach at a psychotherapy centre. Image: Silja Viitala / Yle

Hundreds of unsuspecting patients of the Vaastamao psychotherapy centre are grappling with the effects of a massive data breach that has seen hackers publish their sensitive information online.

The privately-run psychotherapy centre which treats patients from the Oulu and Tampere University hospital districts has now revealed that its systems were in fact hacked twice.

An extortionist is now sending individual emails to the psychotherapy centre's patients asking them to transfer hundreds of euros in Bitcoin to stop their patient records being published online.

Victim Support Finland has a guide (siirryt toiseen palveluun) to what to do next if you receive one of these emails or believe your details may have been hacked.

Where victims can seek support:

Mental Health Finland MIELI’s crisis helpline (siirryt toiseen palveluun)
Service in Finnish: 09 2525 0111
Service in Arabic and English: 09 2525 0113
Service in Swedish: 09 2525 0112
Victim Support Finland (RIKU) (siirryt toiseen palveluun): 116 006 (service primarily in Finnish)
Finnish Red Cross helpline: (siirryt toiseen palveluun) 0800 100 200 (service in Finnish)
Vastaamo’s crisis helpline (siirryt toiseen palveluun): 044 4141 99 (service in Finnish)

National Cyber Security Centre's recommendations for victims

The National Cyber Security Centre has compiled a list of recommendations for victims who suspect their personal information has been stolen or those who have received extortion messages.

Prevent financial damage: Contact your bank immediately to check if your online banking credentials or credit card information has been compromised.

Report the crime: You can report a crime electronically by following the instructions here (siirryt toiseen palveluun). If you have received extortion messages, do not pay the requested money. Accurately record all information about the sender in the crime report. Preserve emails, messages, screenshots and any other evidence.

Request ban on credit report: The National Cyber Security Center recommends requesting a ban on your credit report, on the services of both Suomen Asiakastieto and Bisnode Finland in order to reduce the risk of your credit information being compromised.

Request address protection: Posti allows you to ensure that change of address notifications cannot be submitted to Posti on your behalf without authorisation. More information here (siirryt toiseen palveluun).

You can also get in touch with the Digital and Population Data Services Agency DVV to request a prohibition of disclosure of your personal information here (siirryt toiseen palveluun)(in Finnish)

Protect information at the Finnish Patent and Registration Office: Request not to be entered in the Trade Register without express consent. Also, make sure personal information cannot be changed without explicit permission.