The hackers are also contacting the patients directly. A friend of ours was a Vastaamo customer a couple of years ago and received their extortion email yesterday.
The amount demanded initially surprised me as being quite affordable, but I guess that's how extortion / blackmail works - there's never just one payment. It was different to the amount specified in the article.
NB: Everyone in the leak got that email, and all of those emails have the same bitcoin wallet. [To be exact, emails went out in batches and each batch has a shared wallet].
We've been trying to spread the good word and make people understand the hackers can't know who paid, because they didn't generate a wallet for every single user. If they can't know who paid, how would they be able to delete your data.
But many people will probably end up paying, because 200 euros seems like a low price to keep your dignity and privacy.
Do you have a source for the Bitcoin addresses being reused? I ask because YLE is running an article claiming each address is unique, meaning the extortionist could identify who has paid. If that is not the case, I'd like to notify YLE about it as it's a pretty important point.
someone is contacting the patients. The archive of patient data, a 10 GB file apparently, is said to have been available on TOR for a while. (I have not verified this, I'm relying on Finnish media here.) Whoever is mailing patients with demands, may or may not be the original extortionist. Either way, it does not seem like anyone can keep the data from being disseminated now, so paying ransoms is pointless.
The amount demanded initially surprised me as being quite affordable, but I guess that's how extortion / blackmail works - there's never just one payment. It was different to the amount specified in the article.