Read news from:
Austria
SHARE
COPY LINK

CRIME

Stolen data from Swedish hospital for sale on dark web

Information stolen from Stockholm's Sophiahemmet hospital in a cyber attack last week has been listed for sale on the dark web by a hacker group.

Published: 4 March 2024 15:34 CET
Stolen data from Swedish hospital for sale on dark web
Stockholm's Sophiahemmet is one of Sweden's oldest private hospitals. Photo: Henrik Montgomery/TT

“We’re trying to figure out how much and what kind of data this is about,” Sophiahemmet head of communications Pia Hultkrantz told TT newswire.

According to tech newspaper Ny Teknik, hacker group Medusa has now listed the data for sale on its website on the dark web, where it is asking for a million US dollars to delete the data. The group has also published what’s known as a proof of compromise, showing what kind of data the group has obtained.

The dark web is a hidden part of the internet which requires special software, configurations or authorisations to access. Search results from the dark web do not appear on search engines.

“There’s no doubt that Medusa has obtained data, and they’re threatening to leak it now,” IT specialist Karl-Emil Nikka told the newspaper.

“I can see there are lots of Excel spreadsheets, for example, including information like timesheets and things which could contain sensitive personal information about employees.”

The hacker attack knocked out telephones at the privately run Sophiahemmet overnight between Monday and Tuesday last week. In response, the hospital shut down all its computers as a security measure, and Region Stockholm activated what’s known in Swedish as stabsläge, the lowest level on a three-point scale of heightened preparedness used in healthcare services.

According to an IT expert who P4 Värmland spoke to, a large number of files from the attack are up for sale, although the hospital has not been able to confirm the amount of data affected.

“It’s clear this is a new stage in the attack we’ve been hit by,” Hultkrantz told TT. She confirmed to the newswire that the hospital had received a message from Medusa in the form of a screenshot advertising data stolen from “Sophiahemmet university”.

“We’re investigating with all means at our disposal along with Region Stockholm’s IT experts to find out what this is about. As soon as we know that, we can be more active and act,” she said.

The attack at Sophiahemmet is the latest in a spate of cyber attacks targeting Swedish businesses and public authorities in recent weeks, although it is not known whether or not this attack is connected to previous incidents.

The Dagens Nyheter newspaper reported last week that Bjuv, a small municipality of some 16,000 residents in southern Sweden, had received threats from Russian hacker group Akira.

Akira is threatening to leak data, which it stole from the municipality, in the form of “confidential documents, contracts, agreements, personal files” on the dark web, and was also behind a major attack on IT supplier Tietoevry last month, which affected tens of thousands of employees at Swedish businesses and public authorities. However, the attack on Bjuv is believed to be a separate incident, according to Dagens Nyheter.

Member comments

Log in here to leave a comment.
Become a Member to leave a comment.

POLICE

Swedish police leaks scandal: How gang criminals got hold of sensitive information

A new report in Dagens Nyheter has revealed over 514 suspected leaks of sensitive information from at least 30 members of the police force to criminals since 2018. Here's what we know so far.

Published: 30 April 2024 12:28 CEST
Updated: 30 April 2024 15:45 CEST
Swedish police leaks scandal: How gang criminals got hold of sensitive information

What’s happened?

According to an investigative report by newspaper Dagens Nyheter (DN), multiple gang members have infiltrated the police force by, for example, dating police employees, or using family connections to gain access to sensitive information about ongoing cases.

The first article in DN’s series focuses on a woman the newspaper calls Elin, who met a man, Jonas (not his real name), on a dating app when she had one year left of her police education. She falls in love, but his only goal with the relationship is to get a source within the police force which he can use for access to secret information.

Over the course of four years until she was caught, she made multiple illegal searches in the police register for Jonas, his associates and enemies, as well as providing him with information on ongoing investigations against him.

Other cases investigated by the newspaper include a border guard who sold classified information to gangs, a police officer who leaked information to what DN describes as “one of Sweden’s most notorious criminals” and an investigator who was dating a man she was investigating, who she shared screenshots of sensitive information with.

In another case, the police received a tip-off that information was being leaked to the Hells Angels motorcycle gang. It was discovered that a group of five alarm operators had made an unusually high number of searches for members of the Hells Angels, who were later discovered to have connections with the gang that they had lied about during their background checks.

What have the consequences of these leaks been?

In some cases, the leaks preceded revenge attacks on enemies of the gang member involved in the relationship. In other cases, the gang members’ enemies disappeared or were murdered.

Some of the people from the police force involved in the leaks were sentenced to fines for illegal data access or breaches of professional secrecy, while the evidence against others was not sufficient to prosecute. 

At least 30 employees had for different reasons been considered “security risks” and either resigned or were forced to quit, the newspaper reported, with over 514 suspected leaks taking place from police to criminals since 2018.

How do criminals find police officers?

According to DN, they look for things that can be used as blackmail, like police officers who buy drugs, or set “honey traps”, like the one used against Elin, where they meet police officers or students on dating apps and start a relationship.

“You take Tinder, for example, and set your search radius so the police school is in the centre. When you get a match, it’s easy to check if it’s a student, through class lists or how they present themselves on social media. They’re proud of their line of work,” Jonas told DN.

They might also use their family connections to put pressure on relatives who work in the police force.

Why is this important?

It’s important because Sweden has seen a rise in gang-related violence in recent years, with a surge in shootings and bombings as gangs fight for control over different drug markets.

Swedes also have a high level of trust in the police force – 72 percent according to a 2024 study by Medieakademin, topping the list of state authorities, with a higher level of trust than universities, healthcare, the courts and even the Swedish church. This was five percent higher than in 2023.

Although the vast majority of police officers do not leak information to criminal networks, Sweden does not have a history of organised crime infiltrating the police force, so officials are keeping a close eye on these leaks to make sure they don’t become more common.

On April 29th, Prime Minister Ulf Kristersson told TT newswire that the leaks were “very serious”, potentially putting trust in the police force at risk.

“There are many great risks and one is that trust in police declines, that people get the idea that mafia-like methods are used to infiltrate law enforcement,” he said, before adding that he was unable to say whether it constituted a threat to national security or not purely based on the initial DN article.

“But the mere suspicion of these types of connections are damaging,” he told the newswire.

What happens now?

Justice Minister Gunnar Strömmer told DN that he planned to call a meeting with police leadership about the reports, which he described as “extremely serious”.

“[At that meeting] we will consider the need for further measures,” he said.

“Leaking sensitive information to criminals is against the law and can have very damaging consequences for the work of the police force,” Strömmer told DN, adding that it could undermine trust in the police and “damage democracy”.

Last summer, the government increased the penalty for breaching professional secrecy, and a special investigator was tasked with looking at a potential reform of the rules on corruption and professional misconduct in February – the Crime Prevention Council is also involved in that investigation, where it has been asked to provide information on how gangs use government employees.

“Protecting the integrity of the justice system against infiltration and other security threats is a central part of the new national strategy against organised crime that the government decided on earlier this year, and it is given the highest priority in our assignments to the authorities,” Strömmer told the newspaper.

SHOW COMMENTS