Trial commences in Finland for 26 y/o who allegedly blackmailed psychotherapy patients

[thewayne]

The twerp hacked Vastaamo Psychotherapy Center and stole all their patient files, which included notes taken during therapy sessions. The center refused to pay a six-figure ransom, so he switched to trying to extort the individual patients for 500 Euro each. That didn't prove a revenue generator either, so he dumped all the files on a dark web site. This was October 2020.

In February 2023 he was arrested by French police when the man, 6'3" and green-eyed, presented Romanian identification which proved false. His attorneys asked for his release during the trial as he had already been jailed for eight months. The judge declared that he was still a flight risk and ordered him held for the duration of the trial.

https://krebsonsecurity.com/2023/11/alleged-extortioner-of-psychotherapy-patients-faces-trial/

Comments

[silveradept]

I'm a bit surprised that both attempts at mass extortion failed. Usually someone is willing to pay up because they're embarrassed at the information being leaked, but maybe these patients all shrugged and thought that since it was already in the hands of far too many people, more wouldn't hurt them any?

[thewayne]

The USA is encouraging governments around the world to encourage businesses to stop paying ransomware demands, but the desire to keep dirty laundry from being aired is strong.  In this case, I don't know why the practice didn't pay up.  Honor, too much money demanded, lack of trust that the attacker wouldn't reveal the information anyway: I don't know.  In my case, I'm pretty confident that a lot of my medical records have been spilled as they're all over the place with the number of doctors that I've seen over the last 15 years.  If they were to become public, it wouldn't particularly bother me - but I also don't have psych records.  Now THAT might bother me if I did!