Following the news of the data breach at Vastaamo Psychotherapy clinic in Finland, it’s clear that when it comes to ransom-worthy personal details no data is safe, no matter how sensitive.
Taking risks with cybersecurity is no longer an option especially in the healthcare industry.
No data is safe, no matter how sensitive. As the price of personal data climbs on the dark web, the recent security breach at private Finnish psychotherapy centre, Vastaamo, is further testament to the fact that cybercriminals will leave no stone unturned on their hunt for ransom-worthy personal details.
With up to tens of thousands of clients now concerned about the availability of their sensitive, personal data on the dark web, this is one of most disturbing examples of gross misuse of patient records in recent history.
The healthcare industry appeals to hackers due to the nature of the data it handles, the amount of Internet of things (IoT) devices collecting sensitive data, the continued use of insecure, legacy devices and the fact that IT and security teams in the health sector lack the resources to deal with the modern threat landscape. Sadly, ransomware and information stealers are the most common type of malware used against the healthcare sector. BlackBerry’s 2020 Threat Report uncovered that globally, healthcare organisations are more likely to pay ransoms than any other industry due to the critical nature of the targeted data.
We are all cautious about our personal information, and rightfully so. This breach should serve as an important reminder to healthcare organisations everywhere that service users place a great deal of trust in their practitioner, and this shouldn’t be taken lightly. Companies which are not deploying fully up to date cybersecurity that tracks and defends against new threats are playing with fire, and in the world of healthcare this is too great a risk.