Swedish Authorities, Banks Hit by Security Data Leak: Report
Details of bank vault floor plans, alarm systems and the security arrangements for Swedish authorities have been leaked online after a security company was hacked, local media reported Tuesday.
A total of 19 gigabytes of information and around 38,000 files were stolen from security group Gunnebo by one or more hackers in August, according to newspaper Dagens Nyheter.
“It’s of course unfortunate that we’ve had a theft of data,” Gunnebo CEO Stefan Syren was quoted as telling the paper.
“We are now reviewing the material and in the cases where there is sensitive information we are contacting the client,” he said.
Among the leaked documents are details of the security arrangements for the Swedish parliament and confidential plans of the Swedish Tax Agency’s new office on the outskirts of Stockholm, the paper said.
Plans for bank vaults in at least two German banks were leaked, while other documents show the alarm systems and surveillance cameras at a branch of the SEB bank in Sweden, it reported.
Headquartered in Sweden, Gunnebo is a multinational company with nuclear power plants, hospitals and airports among its international customers.
The hack was reported to the Swedish Security Service in August.
“We can only speculate on what the target of the attack was, but as we cannot rule out that it was an attempt at industrial espionage, it has been important to follow the regulations and we have therefore decided to inform Sapo,” Syren said in a statement at the time.
The company also said it had concluded that the attack was “well organized,” but no details of what data had been compromised was disclosed.
AFP has contacted Gunnebo for a comment.
Dagens Nyheter said hacking attacks based on extortion have hit many companies in recent times, in which criminals steal sensitive information and then demand a ransom not to leak the data online.
Neighboring Finland is currently dealing with an unprecedented hack after the private records of thousands of psychotherapy patients were stolen from the private healthcare company Vastaamo.
The records were first used to try to blackmail the company but then emails demanding ransoms were sent directly to patients at the weekend.