- Hacker Aleksanteri ‘Julius’ Kivimäki was sentenced to over six years in jail.
- He was discovered responsible of hacking a remedy firm to steal notes and blackmail 1000’s of sufferers.
- The case was described by the Finnish court docket because the ‘largest ever’ within the Nordic nation.
A Finnish hacker has been sentenced to 6 years and three months in jail after he was discovered responsible of stealing confidential remedy notes to blackmail 1000’s of sufferers.
The District Court docket of Western Uusimaa introduced the sentencing of Aleksanteri “Julius” Kivimäki on Monday.
The judges discovered the 26-year-old responsible of all counts, which included 9,231 counts of disseminating data violating private privateness and 20,745 counts of tried aggravated extortion.
He was charged final October, after being extradited from France to Finland.
In keeping with BBC Information, Kivimäki focused round 33,000 folks.
In a bulletin printed by Finland’s judiciary system, the court docket mentioned that the Vastaamo personal psychotherapy service, which operated remedy facilities throughout Finland, was hacked in November 2018.
The corporate’s affected person database was then illegally copied, it mentioned.
In keeping with BBC Information, Kivimäki demanded a ransom of greater than 400,000 euros, or $426,818, from the remedy firm in 2020.
The Related Press reported that the demand was greater — 450,000 euros, or about $480,000, to be paid utilizing bitcoin.
When the corporate refused to conform, Kivimäki emailed 1000’s of sufferers asking all of them for 200 euros, or $213, whereas threatening to publish their confidential remedy notes and private particulars on-line in the event that they did not pay up, BBC Information reported.
In keeping with AP, he mentioned the ransom would enhance to 500 euros, or $534, in bitcoin if it wasn’t paid inside 24 hours.
A trove of confidential data then surfaced on the darkish internet, together with sufferers’ private particulars, Social Safety numbers, and delicate therapist and physician notes from classes.
One man advised WIRED that data mentioned along with his therapist about his abusive dad and mom and drug and alcohol use was leaked on-line.
The BBC famous that at the least one suicide has been linked to the case.
Kivimäki denied all the costs, however the authorized bulletin cited proof introduced within the trial showing to indicate his involvement.
For instance, he had used a pseudonym to touch upon the hacking and extortion in an internet message board.
The court docket additionally discovered that Kivimäki had used a server implicated within the crimes extra extensively than he had admitted within the trial, and used an encryption key and IP deal with in a method he had denied in his testimony.
The court docket additionally cited a cost of 0.1 bitcoin made by the Nationwide Bureau of Investigation in 2020 that appeared to achieve Kivimäki.
“The standard of the crime was distinctive, and because of the variety of events concerned, it was the biggest ever in our nation,” the bulletin mentioned.
The court docket proceedings have but to deal with compensation claims for the victims.
Brunswick, a world public relations agency, mentioned that healthcare knowledge is disproportionally inclined to extortion.
A 2019 research within the Research in Well being Know-how and Informatics journal outlined how healthcare knowledge is especially helpful to cybercriminals as a result of it may well comprise monetary and private data that can be utilized for blackmail and fraudulent functions.
In keeping with knowledge from the US Division of Well being and Human Companies, over 40 million folks within the US have been affected by healthcare knowledge breaches in 2021.
