200 Swedish Municipalities Hit by Major Cyberattack on IT Provider

A devastating cyberattack on Miljödata, an IT supplier serving 80% of Sweden's municipalities, has disrupted services in over 200 local governments. The attack, which occurred over the weekend, has raised concerns about stolen sensitive data and sparked a national security response.

Impact on Municipal Services

The affected systems, used by managers and HR to handle medical certificates, rehabilitation matters, and work-related injuries, have been rendered inoperable. This has resulted in disruptions to services such as certificate processing, rehabilitation management, and injury reporting.

The Swedish Privacy Agency has already received around 70 reports of cyber incidents, highlighting the severity of the breach. The agency's confirmation comes as the company investigates the incident and works closely with local authorities to restore system functionality.

Company Response and Investigation

Miljödata CEO Erik Hallén confirmed that parts of the IT environment were compromised on Saturday, August 23. "We are working very intensively with external experts to investigate what happened, what and who was affected, and to restore system functionality," he told media outlet Aftonbladet.

The company has reported the incident to local authorities and is cooperating fully with the investigation. Miljödata's response suggests a proactive approach to addressing the breach and minimizing potential damage.

National Response and Support

The Swedish government, CERT-SE (the national cybersecurity center), and police are all closely involved in managing the incident. The government has received ongoing information about the breach and is in close contact with relevant authorities.

CERT-SE has offered advice and assistance to both Miljödata and affected customers. The agency's involvement highlights the importance of national cybersecurity support during major incidents like this one.

Police Investigation and Extortion Attempt

A police investigation is underway, with detectives working to determine the full extent of the breach and identifying those responsible. According to Swedish police, the company was targeted by an extortion attempt, with hackers demanding 1.5 bitcoins in exchange for restoring access to the compromised data environment.

No Ransomware Group Claimed Responsibility

At this time, no ransomware group has publicly claimed responsibility for the Miljödata attack. While an extortion attempt was made, it is unclear whether the hackers were successful in their demands.

Government Response and Assurance

Swedish minister for civil defence, Carl-Oskar Bohlin, acknowledged the incident and expressed concern about its impact on affected municipalities. "The full extent of the incident has not yet been determined, and it is too early to assess the actual consequences. The government takes questions regarding cyberattacks and IT incidents very seriously and understands the concern and uncertainty such attacks can cause," he wrote on X.

The government's response underscores its commitment to addressing cybersecurity concerns and supporting affected parties during times of crisis.