ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

Vastaamo Data Breach

vastaamo.fi
Limited exposure
Verified breach Sensitive
Accounts exposed 30,433
Breach date 31 Mar 2019
Added to tracker 17 Jul 2021
Data classes 4

What happened

In October 2020, the Finnish psychotherapy service Vastaamo was the subject of a ransomware attack targeting first the company itself, followed by their patients directly. The original security incident dates back to a period between late 2018 and early 2019 and exposed data including 30k unique email addresses, names, social security numbers and notes on individuals' psychotherapy sessions. This breach has been flagged as "sensitive" and is only searchable by owners of the email addresses and domains exposed in the incident.

Exposed data

Email addresses Names Personal health data Social security numbers

Recommended actions

  • Watch for targeted phishing emails referencing Vastaamo โ€” attackers weaponise breach data quickly.
  • Exposed identity data raises identity-theft risk โ€” consider credit monitoring or a credit freeze.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP