The hacking of the patient database of the psychotherapy centre Vastaamo was an exceptional case in Finland, both in scope and nature. Sensitive personal information of tens of thousands of people was stolen and, in many cases, leaked online.
In spring 2024, the District Court of Länsi-Uusimaa convicted Aleksanteri Kivimäki for the data breach and related crimes. The case has been appealed to the Helsinki Court of Appeal, where proceedings will continue in September 2025.
In May 2025, the police contacted approximately 9,000 victims again. A second person is suspected of assisting in the crimes. The case is now moving forward to the consideration of charges.
If you are a victim of the Vastaamo data breach:
- You do not need to report the crime again or take any new legal action at this stage.
- If you have already submitted a statement and a compensation claim, they remain valid.
Victims have the right to seek compensation. If you intend to use a legal advisor, make sure in advance how the costs will be covered.
If you need support
Victim Support Finland offers conversational support and practical guidance in English on criminal matters. Please contact us using the contact form.
Stay informed
Follow updates from the authorities, such as the police, the prosecutor’s office, and the district courts.