Home / Crime and Justice / Hacker Exposes 33,000 Finns' Therapy Notes
Hacker Exposes 33,000 Finns' Therapy Notes
17 Jan
Summary
- Tens of thousands of Finnish citizens had their private therapy notes leaked.
- The hacker demanded ransom, threatening to publish sensitive personal data.
- The Vastaamo data breach led to tragic consequences, including suicides.
In late October 2020, 33,000 people in Finland faced a terrifying reality when their private therapy session notes were stolen and held for ransom by a hacker targeting the company Vastaamo. The breach exposed deeply personal thoughts and feelings, leading to immense distress and violation among victims. Some individuals reported experiencing severe anxiety and panic attacks, with at least two cases tragically resulting in suicide.
The hacker initially demanded bitcoin payments, threatening to publish sensitive patient records including social security numbers and detailed therapy transcripts. Despite the company's refusal to pay, the hacker proceeded to leak batches of data online. Investigations eventually identified Aleksanteri Kivimäki as the perpetrator, who was later convicted in November 2023 and sentenced to six years and three months in prison.
The Vastaamo incident, which occurred in the highly digitalized nation of Finland, underscored severe cybersecurity vulnerabilities. The company's CEO, Ville Tapio, was found guilty of criminal negligence for his handling of patient data, though his conviction was later overturned. Civil cases are ongoing, with victims seeking damages for the profound harm caused by the data leak.
