Thousands of sensitive documents have been compromised in a data hack on the Swedish security firm Gunnebo.
The group admitted on Tuesday it had been the victim of a theft operation, which may have affected the security of the Swedish parliament and European banks.
A spokesperson for Gunnebo told Euronews the incident was “extremely regrettable”.
The intrusion had been reported to the Swedish internal intelligence and anti-terrorism agency (Säpo) after external IT forensics concluded the attack was “well organised”.
“We can only speculate about the purpose of the attack, but as it cannot be excluded that it was an attempt at industrial espionage,” Stefan Syrén, CEO of the Gunnebo group, said on 25 August.
Gunnebo specialises in secure access portals and operates all over the world with clients including nuclear power stations, hospitals, and airports.
The names of the companies and organisations affected by the leak have not been revealed.
The company also denied media reports that they were not aware that data had been copied in the intrusion.
“Ever since the data breach was discovered, Gunnebo has worked based on the hypothesis that files may have ended up in the wrong hands,” a spokesperson told Euronews.
What was hacked?
In August, Gunnebo’s IT department established that an “unauthorised party” had tried to gain access to the company’s servers.
According to the daily Dagens Nyheter, a total of 19 gigabytes of information and some 38,000 files were stolen.
This included details about the protection of the Swedish parliament, plans for the safes of at least two German banks, and confidential information of the Swedish tax agency’s new office in Stockholm.
In response, Gunnebo immediately shut down the servers to isolate the attack, saying that this quick action meant “effects were kept to a minimum and the majority of operations were soon back online”.
After a few days, the Swedish company decided to analyse the data on servers around the world, communicating this with affected customers on a local level.
Gunnebo then says that “criminals” decided to upload a certain part of the stolen data on the so-called “Darknet” and are continuing to analyse this dataset.
“Of course, we have been aware that files that originate from us are available on Darknet, and we naturally regret that this is the case,” said Syrén.
“Unfortunately, this is exactly how computer criminals work.
“It has never been an alternative for Gunnebo to pay a ransom to have the files deleted, the only way to curb this kind of crime is that the affected organisations do not fall short and pay out ransoms.”
In addition to reporting the incident to the Swedish security service, Gunnebo also initiated a full review of the organisation’s entire IT systems to tighten security.
Only a few company servers remain unplugged awaiting the conclusion of the IT-forensics investigation, but Gunnebo says it is not yet possible to evaluate the long-term effects of the attack.
“Safety always comes first for Gunnebo,” said Syrén.
Finland is currently facing unprecedented data hacking after the theft of thousands of psychotherapy patient records.
Some of these data, stolen from the private company Vastaamo, have been published against a background of blackmail.