A cyberattack on Miljödata, an IT programs provider for roughly 80% of Sweden’s municipal programs, has prompted accessibility issues in additional than 200 areas of the nation.
Along with the service disruption, there are considerations that attackers additionally stole delicate information. Native media report that the risk actor demanded a ransom of 1.5 (presently round $168,000) Bitcoins from Miljödata in trade for not leaking stolen data.
Miljödata is a Swedish software program firm that develops and gives work surroundings and HR administration programs for municipalities, areas, and organizations.
Its programs are utilized by nearly all of municipalities in Sweden to deal with medical certificates, rehabilitation instances, occupational accidents, incident and work surroundings reporting, and systematic work surroundings administration (SAM).
The assault occurred over the weekend, with Miljödata CEO Erik Hallén confirming on August 25 that greater than 200 municipalities in Sweden have been impacted.
“We’re working very intensively along with exterior specialists to analyze what has occurred, what and who has been affected, and to revive system performance,” said Hallén.
BleepingComputer was capable of finding bulletins concerning the incident within the area of Halland Area, and likewise on Gotland Area, warning their residents that “delicate private information could have been leaked.”
Different municipalities reported as impacted by Swedish media are Skellefteå, Kalmar, Karlstad, and Mönsterås.
Swedish minister for civil defence, Carl-Oskar Bohlin, said on X that the incident is being evaluated to estimate its affect with the assistance of CERT-SE, and the police began an investigation.
“The scope of the incident has not but been clarified, and it’s too early to find out the precise penalties,” said the minister.
On the time of writing, no ransomware teams have taken accountability for the assault at Miljödata publicly.
The corporate’s web site is presently offline and makes an attempt to contact them point out that e mail servers are down.
In January 2024, Swedish IT providers and cloud internet hosting supplier Tietoevry was hit by an Akira ransomware assault which impacted operations throughout a variety of companies and prompted service outages on authorities organizations and universities.
46% of environments had passwords cracked, practically doubling from 25% final yr.
Get the Picus Blue Report 2025 now for a complete have a look at extra findings on prevention, detection, and information exfiltration tendencies.
