Finnish Hacker Sentenced for Blackmailing Therapy Patients

Finnish Hacker Sentenced for Blackmailing Therapy Patients

Varvara Ivanova
2 min read

Finnish Hacker Sentenced for Therapy Notes Theft and Blackmailing Patients

A Finnish hacker, Aleksanteri "Julius" Kivimäki, has been sentenced to six years and three months in prison for stealing confidential therapy notes and blackmailing thousands of patients. The case involved Kivimäki targeting around 33,000 people and demanding a ransom of over 400,000 euros from the therapy company, Vastaamo. Following the company's refusal to comply, Kivimäki resorted to emailing patients, asking for 200 euros while threatening to publish their confidential therapy notes online if they did not pay. The severity of the situation became apparent when at least one suicide was linked to the case. Despite Kivimäki’s denial of the charges, evidence presented during the trial clearly indicated his involvement. Notably, the court proceedings have yet to address compensation claims for the victims, underscoring the disproportionate susceptibility of healthcare data to extortion. It is worth noting that healthcare data breaches affected over 40 million people in the US in 2021.

Key Takeaways

  • Finnish hacker Aleksanteri "Julius" Kivimäki sentenced to 6 years and 3 months in prison for stealing therapy notes and blackmailing patients.
  • Kivimäki illegally hacked therapy company Vastaamo in 2018, copied the patient database, and demanded a ransom of over 400,000 euros in 2020.
  • Following the company's refusal to pay, Kivimäki emailed thousands of patients asking for 200 euros and threatened to publish confidential therapy notes and personal details online if they didn't pay.
  • A significant amount of confidential data, including patients' personal details, Social Security numbers, and sensitive therapist and doctor notes, surfaced on the dark web.
  • At least one suicide has been linked to the case, highlighting the disproportionate susceptibility of healthcare data to extortion.


The sentencing of Finnish hacker Julius Kivimäki exposes the lapses in security measures within healthcare data and the severe consequences that ensue. The impacted therapy company, Vastaamo, faces both compensation claims and significant loss of patient trust, which directly impacts its financial stability. This incident also highlights the urgent need for improved data security in the healthcare industry, particularly in the US, to safeguard sensitive information and prevent similar blackmail occurrences. In addition, this event underscores the necessity for stricter regulations, harsher penalties, and increased cybersecurity investments. Neglecting to address these concerns could lead to more suicides and substantial financial losses for both companies and patients.

Did You Know?

  • Therapy notes: These are records that document the progress and content of therapy sessions between a therapist and their patient. They typically contain sensitive personal information and are intended to be confidential, promoting trust in the therapeutic process.

  • Ransomware attack: This type of cyberattack involves the attacker demanding payment (ransom) from the victim to restore access to their encrypted or otherwise inaccessible data or system. In this instance, the hacker demanded 400,000 euros from the therapy company, Vastaamo.

  • Healthcare data breaches: These breaches involve unauthorized access, theft, or disclosure of sensitive information held by healthcare organizations, such as patient records. Given that healthcare data breaches can contain sensitive medical information, personal identifiers, and financial data, they pose significant privacy risks. Notably, in 2021, over 40 million people were affected by healthcare data breaches in the US.

You May Also Like

This article is submitted by our user under the News Submission Rules and Guidelines. The cover photo is computer generated art for illustrative purposes only; not indicative of factual content. If you believe this article infringes upon copyright rights, please do not hesitate to report it by sending an email to us. Your vigilance and cooperation are invaluable in helping us maintain a respectful and legally compliant community.

Subscribe to our Newsletter

Get the latest in enterprise business and tech with exclusive peeks at our new offerings