Swedish Government Faces Damage from Massive Data Breach
The Swedish government now has to face and investigate damage from a massive data breach, a real IT catastrophe.
The Swedish authorities have discovered a massive mistake that has happened in the nation’s data files. The government has reportedly incorrectly uploaded an entire database, including all kinds of secret lists; this had reportedly happened when the Swedish government started working with a contractor some years ago to manage information. The data that has been thus leaked includes names, photographs and addresses of air force pilots, police suspects, people who are in witness relocation programs, members of secretive military units etc. This data had reportedly happened in 2015.
The IB Times has come out with a detailed report on this massive data breach. The report says– “Sweden’s government has exposed sensitive and personal data of millions, along with the nation’s military secrets, in what is now considered to be one of the worst government IT disasters ever. The leak, which occurred in 2015, saw the names, photos and home addresses of millions exposed. Those affected include fighter pilots of Swedish air force, police suspects, people under the witness relocation programme, members of the military’s most secretive units (equivalent to the SAS or SEAL teams) and more.”
The report also elaborates on how the leak happened- “The leak occurred after the Swedish Transportation Agency (STA) decided to outsource its database management and other IT services to firms such as IBM and NCR. However, the STA uploaded its entire database onto cloud servers, which included details on every single vehicle in the country. The database was then emailed to marketers in clear text message. When the error was discovered, the STA merely sent another email asking the marketing subscribers to delete the previous list themselves.”
It was in 2016 that Sweden’s Secret Service discovered the breach. Investigations began and Maria Ågren, the STA (Swedish Transportation Agency) director-general was fined and fired.
The IB Times report further says- “IBM’s Serbian branch was also allegedly contracted to operate Sweden’s secure government intranet, which in turn is connected to the EU’s secure network STESTA. In other words, the EU’s secure network was also exposed to those who gained access to the database. What is worse, those provided access to the database are allegedly foreign nationals in countries that are increasingly pro-Russia and anti-EU.”
Rick Falkvinge, the Head of Privacy at Private Internet Access, has this to say in connection with the Swedish data breach- “Many governments have had partial leaks in terms of method (Snowden) or relations (Manning) lately, but this is the first time I’m aware that the full treasure chest of every single top-secret governmental individual with photo, name, and home address has leaked. It goes to show, again, that governments can’t even keep their most secret data under wraps — so any governmental assurances to keep your data safe have as much value as a truckload of dead rats in a tampon factory.”
Rick gets really critical when he says- “And of course, you have to remember – again – that if a government is this incapable and unwilling to protect even its own secrets, you can never trust a government to keep your data safe, under any circumstance.”
As per reports, the leak still continues and is likely to be fixed during the fall.
Kevin Jones753 Posts
Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others.