In October 2020, the Finnish psychotherapy service Vastaamo was the subject of a ransomware attack targeting first the company itself, followed by their patients directly. The original security incident dates back to a period between late 2018 and early 2019 and exposed data including 30k unique email addresses, names, social security numbers and notes on individuals’ psychotherapy sessions. This breach has been flagged as "sensitive" and is only searchable by owners of the email addresses and domains exposed in the incident.
Accounts breached: 30433
Breached on: March 31, 2019
Exposed data: Email addresses, Names, Personal health data, and Social security numbers
Added on: July 17, 2021