Data Breach At Major Swedish Software Supplier Impacts 1.5 Million (bleepingcomputer.com) 6
A massive cyberattack on Swedish IT supplier Miljodata exposed personal data from up to 1.5 million citizens, prompting a national privacy investigation and scrutiny into security failures across multiple municipalities. BleepingComputer reports: MiljÃdata is an IT systems supplier for roughly 80% of Sweden's municipalities. The company disclosed the incident on August 25, saying that the attackers stole data and demanded 1.5 Bitcoin to not leak it. The attack caused operational disruptions that affected citizens in multiple regions in the country, including Halland, Gotland, Skelleftea, Kalmar, Karlstad, and Monsteras.
Because of the large impact, the state monitored the situation from the time of disclosure, with CERT-SE and the police starting to investigate immediately. According to IMY, the attacker exposed on the dark web data that corresponds to 1.5 million people in the country, creating the basis for investigating potential General Data Protection Regulation (GDPR) violations. [...] Although no ransomware groups had claimed the attack when Miljodata disclosed the incident, BleepingComputer found that the threat group Datacarry posted the stolen data on its dark web portal on September 13. The leaked database has been added to Have I Been Pwned, which contains information such as names, email addresses, physical addresses, phone numbers, government IDs, and dates of birth.
Because of the large impact, the state monitored the situation from the time of disclosure, with CERT-SE and the police starting to investigate immediately. According to IMY, the attacker exposed on the dark web data that corresponds to 1.5 million people in the country, creating the basis for investigating potential General Data Protection Regulation (GDPR) violations. [...] Although no ransomware groups had claimed the attack when Miljodata disclosed the incident, BleepingComputer found that the threat group Datacarry posted the stolen data on its dark web portal on September 13. The leaked database has been added to Have I Been Pwned, which contains information such as names, email addresses, physical addresses, phone numbers, government IDs, and dates of birth.
Re: (Score:3)
Don't know, but I heard the chef is ok.
Adjusted for Inflaaation. (Score:2)
The company disclosed the incident on August 25, saying that the attackers stole data and demanded 1.5 Bitcoin to not leak it.
Cracks me up thinking about the first thing ten-thousand Bitcoin bought back in the day: two pizzas.
Now hackers are demanding ransomware payments for what wouldn't even buy a whiff of those pies.
As the world burns..
So the main leaked info... (Score:2)
So the main leaked info is email addresses? All the other information mentioned is public in Sweden, as far as I know. Well, apart from the fact that the victims use municipal trash services, I guess.
Yeah I don't know if that's worth 1.5 Bitcoin, extortionists.
I often wonder in such cases if the extortionists weren't scammed themselves. Buying access to exploits, tools, collection and laundering infrastructure etc. and being told it's a surefire way to get rich quick.
Fake news (Score:2)