Summary

NCSC-FI provides comprehensive Q&A for victims of the Vastaamo data breach, addressing blackmail emails and providing guidance on actions to take when personal information has been leaked.

Details

Event Type: Data Breach - Victim Guidance

Incident Context: Vastaamo customer data breach with blackmail

Key Issues Addressed:

• Blackmail emails related to breach
• Identity theft concerns
• Actions when personal information leaked
• Actions when leak is suspected
• Support for victims and loved ones

Response Commitment: NCSC-FI responding to messages as soon as possible; page updated as new information available

Impact Assessment

Severity: Critical

Scope: National (Finland) - Multiple victims

Attack Characteristics: Data breach combined with extortion/blackmail

Support Level: Ongoing Q&A and guidance updates

Notes

Source is in English from NCSC-FI. This incident combines data breach with active extortion, making it particularly severe. Victims and families need extensive support.