cross-posted from: https://discuss.tchncs.de/post/10692187

so, the company was Vastaamo. was because it got bankrupt after the breach, and GDPR violations.

the “hacker”(or rather cracker) was extradited from France to Finland.
you can read about how terrible the company’s security was here: https://tietosuoja.fi/en/-/administrative-fine-imposed-on-psychotherapy-centre-vastaamo-for-data-protection-violations

or watch mental outlaw’s video on the matter, or the Wikipedia article on the breach.

now there are several things that shouldn’t have happened (e.g.: don’t do these things on your main OS, have root access disabled, etc.), but I’ll leave that to you experts.

  • @[email protected]
    939 months ago

    While in the U.S., your mental health data are just on the market, waiting to be brought.

    https://www.ftc.gov/business-guidance/blog/2023/03/ftc-says-online-counseling-service-betterhelp-pushed-people-handing-over-health-information-broke

    In the good case, there will be a class action law suit, and every victim will get approximately 2 dollars back for all their health data sold; but only after giving more sensitive information to the company that distributes these two dollars.

    https://www.morrisbart.com/faqs/how-is-money-divided-in-a-class-action-lawsuit/

    What a fun time to be alive.

    • @randoot
      259 months ago

      What the fuck, I had no idea about betterhelp being so scummy.

      • @chiliedogg
        559 months ago

        I firmly believe any service that advertises that much on YouTube and podcasts is evil.

        I’m waiting to hear about Hello Fresh’s child trafficking ring or whatever they’re up to.

        • @Agent641
          149 months ago

          pulls off loose sticker from box

          ‘Hello Flesh’

          Its made of people!

        • @WhiskyTangoFoxtrot
          139 months ago

          Yeah. Turns out, Raid: Shadow Legends is just about the least scummy thing being advertised on YouTube.

          • @[email protected]
            139 months ago

            Raid Shadow Legends is connected to an Israeli gambling company

            Anything that advertises heavily is most likely to be a piece of shit

          • @[email protected]
            89 months ago

            I find Nord’s sponsor scripts misleading at the best and lies at the worst but the service for what it is is pretty good. Still would recommend Mullvad

            • @[email protected]
              69 months ago

              but the service for what it is is pretty good

              I disagree. Most people wouldn’t need it at all, and for most people that would actually need it it’s useless due to not supporting port forwarding

              • @[email protected]
                19 months ago

                Mainly so someone doesn’t get my ip and know my city and sometimes I sail the high seas

                I know ip is useless. I just don’t want someone to get my city and send an investigator

                I fully agree with your point. I feel like sponsor scripts should say these points. 1: if somebody sends you an ip tracker link Nord won’t leak your IP 2. if you want to watch georestricted content 3. If you are on someone else’s network and you don’t want them peeping your websites. 4. 🏴‍☠️

                • @[email protected]
                  19 months ago

                  and sometimes I sail the high seas

                  Yeah, but it’s useless for that. If you pirate from Usenet or one click hosters you don’t need a VPN, and if you use torrents or other peer to peer protocols you need port forwarding, which NordVPN doesn’t support