Cyberattack on Miljödata Leads to Massive Data Breach and Ransom Demand
Miljödata cyberattack results in widespread data theft and ransom demand from attackers.
Key Points
- • Datacarry demands 1.5 bitcoins to refrain from publishing stolen data.
- • Hundreds of thousands of personal records leaked on the darknet.
- • Affected companies include SAS, GKN Aerospace, and Volvo.
- • The incident highlights the urgent need for improved cybersecurity in Sweden.
A significant cyberattack on Miljödata, a key IT service provider in Sweden, has resulted in the theft and public disclosure of hundreds of thousands of personal data records. The attackers, a group known as Datacarry, are demanding 1.5 bitcoins (approximately 1.5 million SEK) to prevent further publication of the stolen information. As of September 14, Datacarry released sensitive personal details on the darknet, including identification numbers, phone numbers, addresses, and employment information.
IT expert Marcus Murray described the breach as a blatant display of the attackers' capabilities, suggesting that their actions are aimed at creating a form of 'violence capital' amid rising geopolitical tensions, particularly in light of Sweden's application to NATO and the ongoing effects of the invasion of Ukraine. Murray emphasizes that this incident serves to instill fear and demonstrate power within the cybercriminal landscape.
Miljödata serves around 80% of Swedish municipalities and various organizations, making the data breach particularly alarming. Although Miljödata has not confirmed the breach, they are advising their clients to refrain from sharing sensitive information unless it is anonymized.
The breach has also impacted multiple companies, notably SAS, from which personal information of over 28,000 individuals, including pilots, has been leaked. Other affected companies include GKN Aerospace, Volvo, and Sandvik. A pilot from SAS expressed serious concerns over the implications of the leak, highlighting the critical nature of their roles in national defense.
Jonas Nilsson, an information security strategist, called for improved collaboration among municipalities to bolster cybersecurity defenses. He advocates for a leadership role from the National Cybersecurity Center in addressing these vulnerabilities. Meanwhile, the situation remains under investigation as authorities tackle both the severe data breach and the associated threats of extortion.