The Swedish government mistakenly leaks almost all nation-wide personal information & military confidential information


ByFredrik Rubensson

According to the Swedish press, data such as the personal information of millions of Swedish carriers, data on military personnel who are military secrets of the state, data on defense planning, details of witness protection, etc. leaked out and Sweden is currently in the state We are on the verge of security. The Swedish government seems to have leaked these confidential information oneself, and Swedish Prime Minister Stephane Robben says that this situation is "a disaster."

Swedish authority handed over 'key to the Kingdom' in IT security slip-up - The Local
https://www.thelocal.se/20170717/swedish-authority-handed-over-keys-to-the-kingdom-in-it-security-slip-up

Sweden Accidentally Leaks Personal Details of Nearly All Citizens
http://thehackernews.com/2017/07/sweden-data-breach.html


In SwedenThe LocalAccording to local media named "Sweden's national transport agency"Transportstyrelsen"Was mishandled at the time of outsourcing contract with IBM, personal information on vehicles in Sweden leaked out. This 'Swedish domestic rides' also includes police and military-related vehicles, and unintentionally military secrets are to be leaked.

It is the name of the soldier who is piloting a fighter aircraft in the Swedish Air Force, a soldier assigned to a military secret unit, everyone registered in the police register, the name of the person receiving the witness protection program · Photo · Address. Sweden has a population of about 9.9 million people, but it is believed that almost all the nation's personal information leaked out. In addition, data on military vehicles and military aircraft are also leaked (information on which roads and bridges are temporarily used as airports during wartime) such as the loading weight of roads and bridges in Sweden.

ByRestrictedData

Information leakage occurred in 2015. At this time, Transportstyrelsen signed an IT maintenance agreement with IBM to outsource database and network management. However, Transportstyrelsen uploads the entire database of IBM on the cloud server. The data uploaded on the cloud contains the above data and the information leakage of the century has occurred.

After that, Transportstyrelsen said that it notified the address of the database by e-mail to the whole marketing person in charge. Also, the problem is that this message was sent in plaintext that was not encrypted. Also, IBM staff who signed an outsourcing contract seemed to be able to access Transportstyrelsen's system without receiving appropriate security check from outside Sweden. Indeed, the Swedish newspaper analyzing the survey reportDN.SEAccording to the Czech Republic, IBM employees are authorized to access all the data and logs of Transportstyrelsen.

Although the outflow of data occurred in 2015, the government authorities of Sweden was aware of this situation from becoming in 2016. Then, Maria Aguren, former director of the Swedish authorities who resigned in January 2017 in the form of take responsibility for this situation has imposed a fine of 70,000 Swedish Krona (about 950,000 yen).

in Security, Posted by logu_ii