The files leaked by the hackers appear to include the platform’s source code and personally identifiable databases of citizens.
Swedish authorities have launched an investigation into a possible breach of the country’s e-government platform, which contains sensitive information and personal data.
ByteToBreach announced the security breach on the dark web early Thursday morning. A hacker group has posted a collection of files it claims to have obtained from the Swedish subsidiary of global IT consulting and outsourcing company CGI Group. The files appear to contain source code for the e-government platform, personnel database, configuration files and other items. ByteToBreach also provided what it described “Citizens Database” And “Electronic Signature Documents” for sale
Swedish authorities have acknowledged the incident, with Sweden’s National Center for Cyber Incidents (CERT-SE) saying the leak is being analysed. Other government agencies are assessing the reported breach and potential damage, officials said.
“The government is following the developments and is in constant contact with the responsible actors including CERT-SE and the National Cybersecurity Centre” Swedish Civil Defense Minister Carl-Oskar Bohlin said.
CGI is trying to downplay the scale of the alleged hack and insists that no up-to-date source code was compromised. Company spokeswoman Agneta Hanson told Swedish tabloid Aftonbladet that CGI’s internal analysis did not affect any customers’ production environments, production data or operational services.
“The incident concerns two internal test servers in Sweden that are not used in production and are used for testing linked to a limited number of customers. In connection with the incident, a system containing an outdated version of the source code for the application was accessed” Hanson said in a statement to the newspaper.
Independent analysts, however, warned that the apparent hack could have long-term consequences for the company and Sweden’s e-government services, suggesting that the exposed source code could allow other malicious actors to identify potential vulnerabilities and attempt subsequent breaches.
You can share this story on social media:
