Days after patients received the ransom emails, the board announced that it had let the CEO, Ville Tapio, go. In April 2023, Tapio was found guilty of criminal negligence in his handling of patient data. His conviction was overturned on appeal in December 2025. (He declined my requests to interview him.)
This makes me so fucking angry. The state of cybersecurity at the company was abysmal, the CEO knew about it, and yet, got no punishment at all.
This makes me so fucking angry. The state of cybersecurity at the company was abysmal, the CEO knew about it, and yet, got no punishment at all.