Read news from:
Austria
SHARE
COPY LINK

CRIME

Stolen data from Swedish hospital for sale on dark web

Information stolen from Stockholm's Sophiahemmet hospital in a cyber attack last week has been listed for sale on the dark web by a hacker group.

Published: 4 March 2024 15:34 CET
Stolen data from Swedish hospital for sale on dark web
Stockholm's Sophiahemmet is one of Sweden's oldest private hospitals. Photo: Henrik Montgomery/TT

“We’re trying to figure out how much and what kind of data this is about,” Sophiahemmet head of communications Pia Hultkrantz told TT newswire.

According to tech newspaper Ny Teknik, hacker group Medusa has now listed the data for sale on its website on the dark web, where it is asking for a million US dollars to delete the data. The group has also published what’s known as a proof of compromise, showing what kind of data the group has obtained.

The dark web is a hidden part of the internet which requires special software, configurations or authorisations to access. Search results from the dark web do not appear on search engines.

“There’s no doubt that Medusa has obtained data, and they’re threatening to leak it now,” IT specialist Karl-Emil Nikka told the newspaper.

“I can see there are lots of Excel spreadsheets, for example, including information like timesheets and things which could contain sensitive personal information about employees.”

The hacker attack knocked out telephones at the privately run Sophiahemmet overnight between Monday and Tuesday last week. In response, the hospital shut down all its computers as a security measure, and Region Stockholm activated what’s known in Swedish as stabsläge, the lowest level on a three-point scale of heightened preparedness used in healthcare services.

According to an IT expert who P4 Värmland spoke to, a large number of files from the attack are up for sale, although the hospital has not been able to confirm the amount of data affected.

“It’s clear this is a new stage in the attack we’ve been hit by,” Hultkrantz told TT. She confirmed to the newswire that the hospital had received a message from Medusa in the form of a screenshot advertising data stolen from “Sophiahemmet university”.

“We’re investigating with all means at our disposal along with Region Stockholm’s IT experts to find out what this is about. As soon as we know that, we can be more active and act,” she said.

The attack at Sophiahemmet is the latest in a spate of cyber attacks targeting Swedish businesses and public authorities in recent weeks, although it is not known whether or not this attack is connected to previous incidents.

The Dagens Nyheter newspaper reported last week that Bjuv, a small municipality of some 16,000 residents in southern Sweden, had received threats from Russian hacker group Akira.

Akira is threatening to leak data, which it stole from the municipality, in the form of “confidential documents, contracts, agreements, personal files” on the dark web, and was also behind a major attack on IT supplier Tietoevry last month, which affected tens of thousands of employees at Swedish businesses and public authorities. However, the attack on Bjuv is believed to be a separate incident, according to Dagens Nyheter.

Member comments

Log in here to leave a comment.
Become a Member to leave a comment.

CRIME

Nordic justice ministers meet tech giants on gangs using apps to hire ‘child soldiers’

The justice ministers of Denmark, Sweden and Norway are to meet representatives of the tech giants Google, Meta, Snapchat and TikTok, to discuss how to stop their platforms being used by gang criminals in the region.

Published: 20 September 2024 10:31 CEST
Nordic justice ministers meet tech giants on gangs using apps to hire 'child soldiers'

Denmark’s justice minister, Peter Hummelgaard, said in a press release that he hoped to use the meeting on Friday afternoon to discuss how to stop social media and messaging apps being used by gang criminals, who Danish police revealed earlier this year were using them to recruit so-called “child soldiers” to carry out gang killings.  

“We have seen many examples of how the gangs are using social media and encrypted messaging services to plan serious crimes and recruit very young people to do their dirty work,” Hummelgaard said. “My Nordic colleagues and I agree that a common front is needed to get a grip on this problem.”

As well as recruitment, lists have been found spreading on social media detailing the payments on offer for various criminal services.   

Hummelgaard said he would “insist that the tech giants live up to their responsibilities so that their platforms do not act as hotbeds for serious crimes” at the meeting, which will take place at a summit of Nordic justice ministers in Uppsala, Sweden.

In August, Hummelgaard held a meeting in Copenhagen with Sweden’s justice minister, Gunnar Strömmer, at which the two agreed to work harder to tackle cross-border organised crime, which has seen a series of Swedish youth arrested in Denmark after being recruited to carry out hits in the country. 

According to a press release from the Swedish justice ministry, the morning will be spent discussing how to combat the criminal economy and particularly organised crime in ports, with a press release from Finland’s justice ministry adding that the discussion would also touch on the “undue influence on judicial authorities” from organised crime groups. 

The day will end with a round table discussion with Ronald S Lauder, president of the World Jewish Congress, on how anti-Semitism and hate crimes against Jews can be prevented and fought in the Nordic region. 

SHOW COMMENTS