By

A Finnish court has handed down a six-year and three-month prison sentence to 26-year-old Aleksanteri Kivimäki for his involvement in hacking and attempting to extort tens of thousands of patient records from a private psychotherapy center.

This case, which first emerged in October 2020, has sparked a loud public outcry and led to widespread legal action in Finland.

Vastaamo Hack Issue 

Finnish Hacker Sentenced for Major Data Breach, Blackmail in Psychotherapy Center Case
(Photo : Mika Baumeister from Unsplash) A hacker from Finland was proven guilty of seeking a ransom from patients of a psychotheraphy center on top of hacking thousands of confidential data.

The breach occurred at the Vastaamo psychotherapy center, where Kivimäki illegally accessed and downloaded a database containing approximately 33,000 client records in 2018. 

As reported by Bloomberg, the Länsi-Uusimaa District Court found Kivimäki guilty of an aggravated data breach, nearly 21,000 counts of aggravated blackmail, and over 9,200 instances of aggravated dissemination of information infringing on private life. Moreover, the court described Kivimäki's actions as "ruthless" and "very damaging," particularly given the vulnerable psychological state of the affected individuals.

Related Article: Deepfake Frames Maryland Principal as Racist, Intensifying AI Misuse Fears

Serious Effect on Mental Health of the Victims

The data breach had profound effects on the victims, with reports from the Finnish newspaper Helsingin Sanomat noting that some individuals affected by the leaks tragically ended their own lives due to the sensitive nature of the information exposed. 

Lawyer Jenni Raiskio, representing about 1,500 clients, emphasized the devastating impact on those whose private details were disclosed.

Ransom Demands and the Court's Decision Under Finland's Law

Prosecutors detailed how, after Vastaamo-which rebuffed his initial blackmail attempt involved a demand for payment of around 370,000 euros ($396,000) in bitcoins-Kivimäki resorted to publishing the stolen patient data on the dark web in 2020. He also directly demanded ransoms of 200 to 500 euros from individual patients, with about 20 victims complying with his demands. 

Despite his denials of the charges, the court's decision reflects the severity of the crimes. Prosecutors initially sought a seven-year sentence, the maximum under Finnish law for such offenses.

Finnish Hacker is Not New Anymore to Hacking

Kivimäki is no stranger to the legal system. As reported by Ilta-Sanomat in 2022, he was first convicted at the age of 15 for hacking over 50,000 servers with his own software. 

According to ABC News, this hacking experience even extended internationally, with convictions in the United States related to breaches involving the U.S. Air Force and Sony Online Entertainment.

The Vastaamo case has had serious consequences beyond the courtroom, prompting the Finnish government to fast-track legislative changes. These include allowing citizens to change their personal identity codes to prevent identity theft and highlighting the case's influence on national security and privacy laws.

As the case concludes with Kivimäki's sentencing, it serves as a harsh reminder of the vulnerabilities in digital data security and the severe consequences of exploiting them. 

The Finnish legal system is determined this time to protect the individual privacy of the people and deter cybercrime through stringent legal measures.

Read Also: Debt Collection Agency FBCS Suffers Data Breach Affecting 1.9 Million People


Joseph Henry

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Tags: Cybersecurity hacker Finland Hack Vastaamo Data Breach Aleksanteri Kivimäki
Join the Discussion