A notorious hacker who was one of Europe’s most wanted criminals has been jailed for blackmailing 33,000 therapy patients
Julius Kivimäki’s imprisonment brings to an end an 11-year cyber-crime spree that started when he rose to prominence in a network of anarchic teenage hacking gangs at the age of just 13.
Tiina was cooling off after the customary Finnish Saturday night sauna when her phone pinged.
It was an email from an anonymous sender who somehow had her name, social security number and other private details.
“At first I was struck by how polite it was and how nice the tone was,” she recalls.
“Dear Mrs Parikka” the sender wrote, before outlining that they had obtained her private information from a psychotherapy centre where she was a patient. Almost apologetically the emailer explained that they were contacting her directly because the company was ignoring the fact that personal data had been stolen.
Two years of thorough records taken by her therapist during dozens of intimate sessions were now in the hands of this unknown blackmailer.
If she did not pay a ransom within 24 hours they would all be published online.
“It was a suffocating feeling,” she says. “I was sat there in my robe feeling like someone had invaded my private world and was trying to make money with my life’s trauma.”
Tiina realised quickly she was not alone.
A total of 33,000 other therapy patients also had their records stolen and thousands were being blackmailed in what is the largest number of victims in a criminal case in Finland.
The stolen database from Vastaamo psychotherapy contained the deepest secrets of a large cross-section of society including children. Sensitive conversations on subjects from extra-marital affairs to confessions of crimes were now a bargaining chip.
Mikko Hyppönen, from Finnish cyber-security firm WithSecure, who researched the attack, says the event caused shockwaves in the country and led news bulletins for days. “A hack on this scale is a disaster for Finland – everyone knew someone affected,” he says.
This was all happening in 2020 during the pandemic lockdowns and the case stunned the cyber-security world.
The impact of the emails was immediate and devastating. Lawyer Jenni Raiskio represents 2,600 of the victims and, at the trial, said her firm had been contacted by people whose relatives had taken their own lives after the patient records were published online. She led a moment of silence in the court for the victims.
The blackmailer, known only as ransom_man by his sign-off online, demanded victims pay him €200 Euros (£171) within 24 hours otherwise he would publish their information. If they didn’t meet that deadline he increased it to €500.
About 20 people paid before the victims realised it was already too late. Their information was already published the day before when ransom_man accidentally leaked the entire database to a forum on the darknet.
It is all still there today.
Mikko and his team spent time tracking the hack and trying to help police, and theories began to emerge that the hacker was likely to be from Finland.
