Security group Gunnebo recently suffered a data breach compromising thousands of sensitive files related to the Swedish Parliament, alarm systems, and bank vaults, said The Local Sweden. Hackers were able to steal 18 gigabytes of data with 38,000 files.
The company believes that the incident was “well-organize” and the number of attackers remains unknown.
However, the hackers obtained info about security arrangements for the Swedish Parliament, as well as confidential files of the Swedish Tax Agency’s new headquarters in Stockholm.
Moreover, vault floor plans for two German banks were also revealed, along with alarm and surveillance systems at an SEB bank branch in the country.
Gunnebo CEO Stefan Syren regrets the incident. He said, “It’s of course unfortunate that we’ve had a theft of data,” he added, “We are now reviewing the material and in the cases where there is sensitive information we are contacting the client.”
According to the report by The Local Sweden, the incident has been reported to the Swedish Service, Sapo.
Regarding the target of the hack, Syren said, “We can only speculate on what the target of the attack was, but as we cannot rule out that it was an attempt at industrial espionage, it has been important to follow the regulations and we have therefore decided to inform Sapo.”
Regardless, the firm took the event seriously and has “worked based on the hypothesis that files may have ended up in the wrong hands,” according to a report by Euronews.
Gunnebo, a multinational firm that serves nuclear power plants, hospitals, and airports, provides security services, products, and solutions to its clients. Mainly, it specializes in cash management, safe storage, entrance control, and integrated security.
As the attack was conducted by an “unauthorized party” that attempted to gain access to the firm’s servers, the company immediately took the servers offline. This move was able to keep the effects to a minimum, as per a statement by the company.
However, investigations show that the malicious party was able to obtain gigabytes of sensitive information and has uploaded it on the dark web.
About the possibility of paying to have the files removed, the company said, “It has never been an alternative for Gunnebo to pay a ransom to have the files deleted.” Instead, the only way to minimize such occurrences is to stay vigilant and not pay any ransom fees.
