Sensitive information on up to tens of thousands of psychotherapy clients is believed to have been compromised following the hacking of Psychotherapy Centre Vastaamo in November 2018. (Emmi Korhonen – Lehtikuva)


THE NATIONAL BUREAU of Investigation (KRP) has received an offence report linked to the sale of Psychotherapy Centre Vastaamo in mid-2019, reports Helsingin Sanomat.

The Finnish psychotherapy service provider has come under scrutiny following reports that its client database was hacked in November 2018 and March 2019, putting personal information on possibly tens of thousands of clients in the wrong hands.

Read more:

Some of the information has been used to extort both the service provider and its clients and ended up on the dark net.

Helsingin Sanomat on Tuesday wrote, citing information it has obtained, that the offence report was filed by the parent company of the current owner of Vastaamo, Intera Partners.

“We’ve received an offence report linked to a hacking in a case involving a corporate transaction. I can’t comment further on the matter at this point in time,” said Tomi Taskila, a senior detective superintendent at KRP.

Taskila declined to confirm whether the investigation is linked specifically to the psychotherapy centre and whether the offence report was filed by its current owner.

Jokke Paananen, the CEO of Intera Partners, in October stated that the transaction would not have been carried out had it been aware of the hacking and data security flaws of Vastaamo. Ville Tapio, the ex-managing director of Vastaamo, was laid off in the aftermath of reports about the hacking, with the current owner stating that he was aware of but failed to disclose the data breach.

Tapio has denied such allegations. Neither he nor his parents, who co-owned the company, have responded to a request for comment from Helsingin Sanomat.

The District Court of Helsinki in October seized nearly 10 million euros worth of assets from the co-owners as a temporary precautionary measure.

Both the hacking and blackmailing remain under investigation. Employees of Vastaamo are additionally suspected of data protection offence in connection with the incident, Helsingin Sanomat revealed in December.

Aleksi Teivainen – HT