Hacker Group Threatens to Leak Personal Data

Hundreds of thousands of Swedes' personal data were compromised in a data breach at a system provider in August. Now, the hacker group Datacarry has claimed responsibility for the cyberattack and threatens to publish the information on Darknet this Sunday, reports TV4 Nyheterna.

Approximately 80% of Sweden's municipalities, many regions, authorities, and companies use IT systems from the provider Miljödata to manage various employee data.

When Miljödata was breached at the end of August, hackers accessed personal information of hundreds of thousands of Swedes. This includes personal identification numbers, phone numbers, email addresses, and home addresses, according to TV4.

The hacker group Datacarry has now claimed the attack. The group threatens to release the data on Sunday.

"They are after making money," says cybersecurity specialist Karl Emil Nikka to TV4.

"Can Only Deeply Regret"

In a so-called ransomware attack, data is "kidnapped" and encrypted, preventing users—such as a municipality—from accessing it.

The hacker group demands payment in bitcoin to avoid leaking the data on Darknet. However, they can profit even if the extortion fails, as criminals can purchase the data for fraud attempts.

Karl Emil Nikka tells TV4 that the hacker group is "most likely" serious about the threat and will publish the data. This increases the risk of phishing attacks against hundreds of thousands of Swedes. Those affected should be extra vigilant about strange or unexpected emails, texts, and phone calls.

Miljödata's CEO Erik Hallén writes in an email to Göteborgs-Posten:

"This is a new step in the attack against us. I can only deeply regret it. We are closely monitoring developments to act based on what the threat actor chooses to do."

He also writes that Miljödata, following advice from both security experts and police, has not been in contact with the hacker group.