So far, approximately 250 customers of Miljödata have reported to the Swedish Authority for Privacy Protection (Imy) that they have been affected, including at least 164 municipalities and four regions.
There are a number of larger private operations and there are colleges and universities that have also been affected, says Petter Flink, the authority's IT and information security specialist.
Sensitive information
Many of the reports concern information about employees and here there may be sensitive information about their health.
A consequence is that affected operations have not been able to access the data systems that have been exposed to the attack. The systems have been encrypted and the attackers want money.
If one has managed to encrypt data and personal data, then one has obviously had access to them. But what one has done more and if one has gone further and handled this information further in some way, Imy has no information about at present, says Petter Flink.
The fear is that one will continue to extort by threatening to spread.
Demanding 1.5 bitcoin
The attack, which was discovered on Saturday, has been reported to the police. The police have stated to BLT that the extortionists have gained access to Miljödata's data environment and are demanding 1.5 bitcoin from the company, which corresponds to approximately 1.5 million kronor.
The systems are used by 80 percent of Sweden's municipalities, the company's CEO Erik Hallén previously stated to TT.
They are used, among other things, to handle labor law cases, rehabilitation cases, medical certificates, as well as reporting and handling of work injuries and incidents. Thus, sensitive personal information about employees, former employees, and students may have been leaked.
Cert-se is a part of the Swedish Civil Contingencies Agency, which is to handle and prevent IT incidents. A close collaboration is currently underway with the affected company, says unit manager Abbe Yasmine.
We are still reaching out to those who may be affected and asking them to contact us, so that we can assess how large this is and what information may have been leaked, he says.
