Categories: CyberCrimeSecurity

Notorious Finnish Hacker Jailed Over Patient Records Hack

A notorious Finnish hacker has been sentenced to six years and three months in prison after attempting to extort ransom from tens of thousands of patients using records hacked from a private psychotherapy centre.

Länsi-Uusimaa District Court found that Aleksanteri “Julius” Kivimäki, 26, was guilty of offences including an aggravated data breach, nearly 21,000 aggravated blackmail attempts and more than 9,200 aggravated disseminations of information infringing private life.

The court said the “ruthless” crimes were “very damaging” to patients in a fragile state of mental health.

Lawyer Jenni Raiskio, representing 1,500 clients, told Finnish newspaper Hensingin Sanomat in March that several of the victims died by suicide after sensitive information was leaked.

Julius Kivimaki in a 2014 interview with Sky News. Image credit: Sky News

Patient extortion

Kivimäki in 2018 hacked the computer network of the Vastaamo psychoterapy centre and downloaded its database on some 33,000 clients, according to prosecutors.

The Vastaamo clinic had branches throughout the country and acted as a private sub-contractor for Finland’s public health system.

Its chief executive was fired and prosecuted following the breach over a lack of proper security measures. The clinic later went bankrupt.

Kivimäki, who as a teenager was an extremely prolific hacker, took part in disabling the PlayStation Network and Xbox Live online gaming services over Christmas 2014, as part of the Lizard Squad hacking group.

He initially attempted to blackmail the clinic for about 370,000 euros ($396,000) in Bitcoin.

Kivimäki was part of the Lizard Squad hacking group.

Red Notice

When the clinic refused to pay, he began contacting thousands of patients directly in October 2020 and ordering them to pay 200 euros within 24 hours. If they refused the amount was raised to 500 euros.

About 20 people paid before the victims realised that Kivimäki had already accidentally leaked the entire database to a hacker forum, where it remains accessible today, the BBC reported.

Police suspected Kivimäki of the hack and in 2022 a Europol Red Notice was issued against him.

He was arrested last February in Paris, where he was found to be living with forged identity documents, and was extradited to Finland.

Prosecutors had sought seven years in prison, the maximum for such crimes under Finnish law. Due to the Finnish legal system Kivimäki is likely to serve about half his sentence.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Google Must Face Trial In Ad Tech Monopoly Case

Google loses bid for summary judgement as judge says 'too many facts in dispute' as…

8 hours ago

Silicon In Focus Podcast: Feeding the Machine

Learn how your business can meet the challenges associated with managing data across multiple platforms…

8 hours ago

Apple, Meta Likely To Face EU Antitrust Charges

Apple, Facebook parent Meta reportedly likely to face EU antitrust charges before August under new…

9 hours ago

Adobe Shares Jump On AI Success

Adobe shares post biggest gains in more than four years after it reports user take-up…

9 hours ago

Winklevoss’ Gemini To Pay $50m In Crypto Fraud Settlement

Winklevoss twins' Gemini Trust to pay $50m to settle cypto fraud claims over failed Gemini…

10 hours ago

Meta Delays EU AI Launch After Privacy Complaints

Meta delays Europe launch of AI in Europe after user, privacy group complaints over plans…

10 hours ago