Cybercriminals reportedly posted batches of Vastaamo's patient information on the dark web and claimed that individual people could protect their data by directly paying a ransom.