Europe’s notorious hacker Julius Kivimäki has finally been jailed for blackmailing 33,000 therapy patients with stolen notes, concluding an 11-year cyber-crime spree, bringing closure to a high-profile case that rocked Finland.
Aleksanteri Kivimäki, formerly known by the first name Julius, was convicted on April 30 by a court in Finland of all charges relating to the hack of Vastaamo, a Helsinki-based private psychotherapy center, that was made public in 2020 when the digital miscreant began to extort individual patients by threatening to publish their stolen information online, The Record reported last week.
The 26-year-old cyber criminal was consequently found guilty of more than 9,200 counts of disseminating information infringing people’s private lives, more than 20,000 counts of attempted blackmail, and 20 counts of blackmail.
Additionally, Kivimäki will independently face more than 5,000 independent claims for compensation related to his crimes, The Record reported.
Europe’s notorious hacker, Aleksanteri Kivimäki, was convicted for blackmailing 33,000 therapy patients
According to Finish newspaper Helsingin Sanomat, the district court described the hacker’s crimes as “particularly reprehensible and ruthless.”
The stolen database from Vastaamo psychotherapy contained the deepest secrets of a large cross-section of society, including children, the BBC reported on Monday (May 6). Sensitive conversations on subjects from extra-marital affairs to confessions of crimes were now a bargaining chip.
Tiina, one of Kivimäki’s many victims, was blackmailed after the Finish lawbreaker obtained her private information from Vastaamo, where she was a patient.
Just like with his other targets, Kivimäki demanded a ransom, threatening to publish her intimate therapy records online.
The blackmailer, known only as ransom_man by his sign-off online, reportedly demanded victims pay him €200 within 24 hours or he would publish their information. If they didn’t meet that deadline, he increased it to €500.
“It was a suffocating feeling,” she told the BBC. “I was sat there in my robe feeling like someone had invaded my private world and was trying to make money with my life’s trauma.”
The attack on Vastaamo began in 2018, resulting in the theft of records belonging to a total of 33,000 therapy patients, constituting the largest number of victims in a criminal case in Finland’s history.
Lawyer Jenni Raiskio, who represented 2,600 of the victims, revealed during the trial, which began in October 2023 and concluded in March 2024, that her firm had been contacted by people whose relatives had taken their own lives after the patient records were published online, the BBC reported.
His trial concluded an 11-year cyber-crime spree
About 20 people paid before the victims realized it was already too late, as per the BBC. Their information was already published the day before when ransom_man accidentally leaked the entire database to a forum on the darknet.
Mikko Hyppönen and his team at Finnish cyber-security firm WithSecure assisted in tracking the hack, leading to the identification of Kivimäki, also known as Zeekill.
Despite previous run-ins with the law, including a suspended prison sentence for numerous hacking offenses, Kivimäki continued his cyber exploits, gaining notoriety for orchestrating large-scale attacks, such as bringing down PlayStation Network and Xbox Live.
Zeekill managed to evade the authorities until his connection to the Vastaamo psychotherapy attack came to light.
@dylan.pageNah finland is a wild country for this😳♬ original sound – Dylan Page
It took Finnish police nearly two years to gather evidence to issue an Interpol Red Notice for him, making him one of Europe’s most wanted criminals. Nevertheless, his whereabouts remained unknown.
The malefactor was reportedly tracked down by mistake last February when police in Paris, France, went to his apartment after getting a false domestic disturbance call.
They found Kivimäki had been living with forged identity documents under a fake name, the BBC reported.
He was subsequently extradited to Finland, where authorities geared up for one of the most prominent trials in the Nordic nation’s history.
Kivimäki was found guilty of more than 9,200 counts of disseminating information infringing people’s private lives
Last week, the Western Uusimaa District Court sentenced Kivimäki to six years and three months in prison.
Nevertheless, Finnish media on May 2 said that the digital offender was likely to be out of jail by April 2026, as he is considered a first-time offender under Finnish law, even though he does have a previous conviction for fraud.
Moreover, on May 3, Finnish Broadcaster Yle reported that Kivimäki indicated his intention to appeal his prison sentence.
The cyber delinquent’s lawyer, Peter Jaari, told Finnish news agency STT of his client’s plan to take the case to the Court of Appeal.
Jaari informed reporters in the immediate aftermath of last week’s verdict that his client was disappointed with the ruling and would very likely appeal.
Kivimäki still denies any wrongdoing, Jaari said at the time.