Finnish authorities have issued a wanted notice for convicted hacker Aleksanteri Kivimäki after the Supreme Court declined to hear his appeal, making his conviction in the Vastaamo cybercrime case final. Police said Kivimäki should be arrested and transferred to Vantaa Prison if found, while his lawyer said he is believed to be outside Finland after having been released while the case was under appeal.
Kivimäki was sentenced by the Court of Appeal to nearly seven years in prison for the 2018 intrusion into psychotherapy provider Vastaamo and the subsequent extortion of both the company and its patients. The breach exposed highly sensitive therapy records belonging to about 33,000 patients, and more than 24,000 people reportedly received extortion demands, making the case one of Finland’s largest criminal matters by number of victims, including children and trauma patients.

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
4 events from the most recent confirmed update back to the earliest known activity.
Finnish authorities issued a wanted notice for convicted hacker Aleksanteri Kivimäki after his conviction became final. Police said he should be arrested and transferred to Vantaa Prison if found, and his lawyer said he is believed to be outside Finland.
Finland's Supreme Court declined to hear Kivimäki's appeal, making his conviction in the Vastaamo cybercrime case final.
In February, Finland's Court of Appeal sentenced Aleksanteri Kivimäki to nearly seven years in prison for the Vastaamo hack and the subsequent extortion of both the company and its patients.
Aleksanteri Kivimäki was convicted for hacking Finnish psychotherapy provider Vastaamo in 2018, leading to the exposure of highly sensitive therapy records affecting about 33,000 patients.
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
2 references tracked. Mallory keeps watching after this page renders.
malware.news
Open sourcetherecord.media
Open sourceMap indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.