Swedish firm says COVID-19 patients' database, test results compromised in cyberattack

An information technology (IT) provider firm to Sweden on Tuesday said that its coronavirus database, which also includes the patients’ diagnosis, was compromised in a breach identified last week, CNA reported. In a statement issued on June 22, InfoSolutions stated that it had resolved the threat that made the IT breach possible and had done away with the risks that led to the cyberattack in the first place. Furthermore, the IT firm stated that the critical user data has not been compromised and that the danger of such a leak was very low, although the firm did not completely rule out a possibility. 

Earlier last year, a similar data breach had compromised thousands of sensitive documents, as well as critical information including the blueprints of customers' bank vaults after a Swedish security company was hit by a massive cyberattack. Based out of Gothenburg, the firm named Gunnebo that specialized in the enhanced security for buildings such as fire safety measures and security doors had close to 38,000 files exposed to the hackers in what it had described as a “well organized” cyber-attack. Swedish media reported that the customers’ bank vaults, monitoring and alarm equipment, and security functions for ATMs were exposed and were available for download online. The incident was investigated by the Swedish Security Police (Säpo), who called the cyberattack and attempt “industrial espionage.” 

This incident comes in the backdrop of the unidentified  “ransomware attack” on Ireland’s state health services providers wherein they had to shut down their IT systems and halt all medical appointments amid the COVID-19 pandemic. The head of the Health Service Executive (HSE) announced in an update a couple of months ago that there has been a “significant ransomware attack on the HSE IT systems.” Ireland’s health state health provider announced the cyberattack on its official Twitter handle. “We have taken the precaution of shutting down all our IT systems in order to protect them from this attack and to allow us to fully assess the situation with our own security partners,” it revealed. HSE said that the cyberattack had caused the disruption of its services, including the COVID-19 vaccination appointments. 

INTERPOL's warning about spike in cyberattacks

Earlier, as the pandemic wreaked havoc worldwide and the online presence increased, the International Police body INTERPOL warned about the spike in the rate of cybercrimes. In a statement issued officially, the police body said that these cyberattacks would shift to businesses, major corporations, governments, and critical infrastructure as entities would have employed remote systems and networks for employees to work from home. Criminals are focused to steal data, generate profits, and cause disruption, INTERPOL’s said in its analysis.  “Cybercriminals are developing and boosting their attacks at an alarming pace, exploiting the fear and uncertainty caused by the unstable social and economic situation created by COVID-19—Jürgen Stock, INTERPOL Secretary-General said.