Healthcare providers continue to be targeted by ransomware attackers. According to reports, a healthcare provider in Finland was hacked and the attackers demanded 40 bitcoins (or about $525,000) on the threat of public disclosure of patient psychotherapy records. Businesses in the US hearing these facts might be thinking of the recent advisory issued by the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) alerting companies of the potential sanctions risk for facilitating ransomware payments. The 22-location psychotherapy provider, Vastaamo, refused to pay the ransom. When the attackers did not get paid by the provider, patients began receiving emails demanding payment of smaller amounts to avoid disclosure. You can learn more about this attack here.