Days after patients received the ransom emails, the board announced that it had let the CEO, Ville Tapio, go. In April 2023, Tapio was found guilty of criminal negligence in his handling of patient data. His conviction was overturned on appeal in December 2025. (He declined my requests to interview him.)
This makes me so fucking angry. The state of cybersecurity at the company was abysmal, the CEO knew about it, and yet, got no punishment at all.
This guy probably had something on him.
What a well-written article. Many thanks for linking it!
The Guardian has great writting pieces, specially “the long read”, mixed with abismal opinion articles and barely researched hot takes*.
Then again, this describes most traditional newspapers.
*Parroting what some CEO said without an ounce of doubt or verification.
