Read news from:
Austria
SHARE
COPY LINK

CRIME

Stolen data from Swedish hospital for sale on dark web

Information stolen from Stockholm's Sophiahemmet hospital in a cyber attack last week has been listed for sale on the dark web by a hacker group.

Published: 4 March 2024 15:34 CET
Stolen data from Swedish hospital for sale on dark web
Stockholm's Sophiahemmet is one of Sweden's oldest private hospitals. Photo: Henrik Montgomery/TT

“We’re trying to figure out how much and what kind of data this is about,” Sophiahemmet head of communications Pia Hultkrantz told TT newswire.

According to tech newspaper Ny Teknik, hacker group Medusa has now listed the data for sale on its website on the dark web, where it is asking for a million US dollars to delete the data. The group has also published what’s known as a proof of compromise, showing what kind of data the group has obtained.

The dark web is a hidden part of the internet which requires special software, configurations or authorisations to access. Search results from the dark web do not appear on search engines.

“There’s no doubt that Medusa has obtained data, and they’re threatening to leak it now,” IT specialist Karl-Emil Nikka told the newspaper.

“I can see there are lots of Excel spreadsheets, for example, including information like timesheets and things which could contain sensitive personal information about employees.”

The hacker attack knocked out telephones at the privately run Sophiahemmet overnight between Monday and Tuesday last week. In response, the hospital shut down all its computers as a security measure, and Region Stockholm activated what’s known in Swedish as stabsläge, the lowest level on a three-point scale of heightened preparedness used in healthcare services.

According to an IT expert who P4 Värmland spoke to, a large number of files from the attack are up for sale, although the hospital has not been able to confirm the amount of data affected.

“It’s clear this is a new stage in the attack we’ve been hit by,” Hultkrantz told TT. She confirmed to the newswire that the hospital had received a message from Medusa in the form of a screenshot advertising data stolen from “Sophiahemmet university”.

“We’re investigating with all means at our disposal along with Region Stockholm’s IT experts to find out what this is about. As soon as we know that, we can be more active and act,” she said.

The attack at Sophiahemmet is the latest in a spate of cyber attacks targeting Swedish businesses and public authorities in recent weeks, although it is not known whether or not this attack is connected to previous incidents.

The Dagens Nyheter newspaper reported last week that Bjuv, a small municipality of some 16,000 residents in southern Sweden, had received threats from Russian hacker group Akira.

Akira is threatening to leak data, which it stole from the municipality, in the form of “confidential documents, contracts, agreements, personal files” on the dark web, and was also behind a major attack on IT supplier Tietoevry last month, which affected tens of thousands of employees at Swedish businesses and public authorities. However, the attack on Bjuv is believed to be a separate incident, according to Dagens Nyheter.

Member comments

Log in here to leave a comment.
Become a Member to leave a comment.

CRIME

Sweden charges Islamic State woman in landmark trial

Swedish prosecutors said they have brought genocide charges against a woman in the country's first court case over crimes committed by the Islamic State group against the Yazidi minority.

Published: 20 September 2024 07:15 CEST
Sweden charges Islamic State woman in landmark trial

A prosecutor told AFP the 52-year-old woman was accused of keeping Yazidi women and children as slaves at her home in Syria between 2014 and 2016.

She was charged with “genocide, crimes against humanity and serious war crimes” on the grounds that her actions formed part of a broader campaign by the group (IS or Isis) against the Kurdish-speaking Yazidi minority.

The woman, who is a Swedish citizen, is in jail having already been sentenced by a Swedish court to six years in prison in 2022 for allowing her 12-year-old son to be recruited as a child soldier for Isis.

Senior prosecutor Reena Devgun told AFP that while investigating that case, authorities had received witness reports “that told us that she had kept slaves in Raqqa,” the former stronghold of the Islamic State group in northern Syria, prompting further investigations.

“If you take in Yazidis into your household when you are an Isis member or the wife of an Isis member and treat them this way, I argue that you are participating” in the broader campaign against them, Devgun said.

Devgun said the woman had kept nine people, three women and six children, in her home “as slaves”.

The women and children – who were kept in the house for between 20 days and seven months – were among other things made to perform household tasks.

Devgun said they had also been photographed, which the prosecutor argued “was done with the intention that they would be sold off”.

Evidence had mainly been gathered through witness accounts, from the victims and others that had visited the home at the time.

The crimes, which the woman denies, can carry a life sentence in Sweden.

Stockholm’s District Court said in a statement that the trial was scheduled to start on October 7th and was expected to last two months.

Around 300 Swedes or Swedish residents, a quarter of them women, joined IS in Syria and Iraq, mostly in 2013 and 2014, according to Sweden’s intelligence service Säpo.

SHOW COMMENTS