-
The Swedish Agency for Privacy Protection (IMY) is currently investigating a cyber hack on IT systems giant Miljödata that led to the leakage of over 1.5 million individuals.
-
The firm reported this breach on August 25, stating that the hackers stole customer data and demanded 1,5 BTC to not expose it.
-
A cybercriminal group called Datacarry reportedly published the stolen data on its darknet platform on September 13.
In recent developments surrounding the cybersecurity space, the Swedish Commission for Privacy Protection (IMY) is investigating a hack on renowned IT systems provider Miljödata. As per the report, IMY found that the hack resulted in the 1.5 million customers.
The firm is an information technology systems provider that handles almost 80% of Sweden’s municipalities. On Monday, Miljödata announced the incident, noting that the criminals stole the datasets and demanded 1.5 BTC (bitcoin) to not expose them.
Miljödata Breach Affects 1.5 million Customers
The hack incident caused a shutdown of Miljödata operations nationally, impacting customers from various regions, such as Kalmar, Skellefteå, Gotland, Karlstad, Mönsterås, and Halland.
The IMY began surveillance immediately after Miljödata disclosed the data breach, particularly due to the huge impact of the attack. CERT-SE and the Swedish law enforcement authorities immediately began to investigate the incident.
Jenny Bård, head of the IMY, commented on the incident, stating that the Miljödata data leak implied that a huge portion of the nation’s population had their personal data posted on the dark web. This mirrors recent high-profile incidents like the Qantas dark web data leak, showing a common tactic where stolen data is publicly released.
They noted that the leak raises several questions about the level of security and the types of personal data stored in the systems.
Jenny added that the agency’s primary aim is to investigate any weak points that could offer insights moving forward, to minimize the risks of similar cases occurring again.
Notably, IMY has reportedly decided to focus on investigation targets in compliance with the severity of their operations, limiting it to just Miljödata, the City of Gothenburg, the Municipality of Älmhult, and Västmanland Region.
The agency stated that it will investigate Miljödata’s security measures. However, the agency will investigate the municipalities for their data handling practices, with specific priority on children’s data, former employees, and protected identity subjects.
Furthermore, the agency may examine additional legal entities in the future, though it has not made any plans for that yet.
No ransomware groups had claimed responsibility for the data breach when Miljödata revealed the hack. Although it is worth stating that a cybercriminal group, Datacarry, published the stolen credentials on its dark net platform on September 13. The operation of such platforms carries significant risk, as demonstrated by the FBI’s recent takedown of prominent dark web sites connected to a major data heist.
What Users Should Do
Besides the 224 MB of stolen Miljödata data, Datacarry also posted 12 other data breach victims on its website. Swedish citizens can visit the official Have I Been Pwned website, enter their emails, and click the check button to confirm if their personal data has been exposed.
The platform had earlier posted on its website data of the exposed Miljödata credentials, which comprises email addresses, phone numbers, dates of birth, government IDs, and physical addresses.
According to the data posted on Have I Been Pwned, the data aligns with 870,000 individuals, which is almost half of the figure reported by IMY.
