Vastaamo hacking suspect arrested in France

French police arrested a suspect Friday who is allegedly connected to the notorious cyber attack against Finnish psychotherapy center Vastaamo in 2018.

Vastaamo disclosed the breach in late 2020, revealing that attackers stole patient records from the mental health organization. Vastaamo at the time had 25 locations and approximately 400 psychotherapists. After extorting the psychotherapy center, threat actors attempted to extort the patients themselves. The ransom demands came in late 2020 — two years after the breach — and Finnish police at the time said they had received roughly 25,000 reports from victims.

The arrested suspect is Julius Kivimäki, a 25-year-old Finnish man. According to a news release published to the Police of Finland’s website, the suspect was apprehended as a result of cooperation between French and Finnish police, and he will be surrendered to Finland in the immediate future.

Kivimäki, who goes by the alias “Zeekill,” was previously remanded in absentia in October “on probable cause of aggravated computer break-in, attempted aggravated extortion, and aggravated dissemination of information violating personal privacy.” A European Union arrest warrant, also known as an EAW, was issued.

Marko Leponen, head of investigation and detective chief inspector for Finland’s National Bureau of Investigation, said in today’s release that “the aim is to interview the suspect as soon as possible.”

“The arrest is the result of long-standing international cooperation and of intelligence gathering by the police,” Leponen said. “The timing of the surrender process depends on a number of factors, so it is challenging to estimate at this stage when the suspect will be brought to Finland. Once the suspect has been surrendered, a new remand hearing must be held in Finland.”

Julius Kivimaki's mugshot and info from Europol's 'most wanted' site.
Julius Kivimäki was arrested in France on Feb. 3 after being remanded in absentia by Finnish police in October.

The data breach became one of the most notorious cyber attacks in recent memory because of the sensitive nature of mental health records stolen and the direct extortion of patients. The attack also led to devastating consequences for Vastaamo, which faced bankruptcy in early 2021 and was accused of covering up the incident following the breach disclosure.

Finnish police have not responded to TechTarget Editorial’s request for comment at press time.

Alexander Culafi is a writer, journalist and podcaster based in Boston.

Articles You May Like

Amazon confirms another round of layoffs, impacting 9,000 people in AWS, Twitch and other units
Security Researchers Spot $36m BEC Attack
Twitter ends free SMS 2FA: Here’s how you can protect your account now
Camo 2 launches with support for any camera, new tools and more
Banking turmoil opens opportunities for fraud – Week in security with Tony Anscombe

Leave a Reply

Your email address will not be published. Required fields are marked *