Hackers Leak Swedish Security Firm's Data

Written by

A Swedish security firm that suffered a cyber-attack is warning customers that their data has been leaked online.

Malicious hackers compromised the servers of Gunnebo in August 2020 in a highly organized attack that was reported to the Swedish Security Service, Säpo. 

Gunnebo’s CEO, Stefan Syrén, said hackers uploaded 38,000 files to a public server after management refused to give in to demands for a ransom.

On Tuesday, Swedish daily newspaper Dagens Nyheter (DN) reported that large amounts of sensitive data belonging to Gunnebo customers had been released on the dark web. 

News service Reuters reported that three security experts had confirmed an 18-gigabyte file containing Gunnebo customer data was available for download.

Data breached in the leak included security arrangements for the Swedish parliament, alarm systems, and detailed floor plans for bank vaults in at least two German banks.

Other data exposed by the hackers included documents containing information on alarm systems and surveillance cameras in use at a branch of the SEB bank in Sweden.

"Of course, we have been aware that files that originate from us are available on Darknet, and we naturally regret that this is the case," said Syrén in a statement yesterday. "Unfortunately, this is exactly how computer criminals work." 

"Therefore, I would like to emphasize that it has never been an alternative for Gunnebo to pay a ransom to have the files deleted. The only way to curb this kind of crime is that the affected organizations do not fall short and pay out ransoms."

Gunnebo is a multinational company headquartered in Gothenburg, Sweden, that counts airports, nuclear power plants, banks, and hospitals among its clients. The company specializes in security products, services, and solutions mainly in the areas of cash management, entrance control, safe storage, and integrated security.

In a statement released just after the attack occurred, Syrén said: "We can only speculate on what the target of the attack was, but as we cannot rule out that it was an attempt at industrial espionage, it has been important to follow the regulations and we have therefore decided to inform Säpo."

What’s hot on Infosecurity Magazine?