Miljödata operates HR, sick leave, and incident reporting systems for approximately 80 percent of Sweden's municipalities, creating a single point of failure. Over the weekend the systems went dark, leaving councils from Gotland and Halland to Karlstad and Skellefteå unable to access key services. The company's CEO confirmed the disruption resulted from a cyberattack that affected 200 of Sweden's 290 municipalities. Attackers demanded 1.5 Bitcoin (about $168,000), far lower than typical multimillion-dollar ransomware demands. Local media report that sensitive personal data may have been accessed, with Gotland warning medical certificates, rehabilitation plans, and work-related injury records could be at risk. Miljödata has stated there is no evidence to suggest data theft, according to one university customer.
Miljödata runs HR, sick leave, and incident reporting systems for approximately 80 percent of Sweden's municipalities, making it a juicy single point of failure. Over the weekend, those systems went dark, leaving councils from Gotland and Halland to Karlstad and Skellefteå unable to access key services. Miljödata CEO Erik Hallén confirmed on August 25 that the disruption was the result of a cyberattack that had affected 200 of Sweden's 290 municipalities.
If the price tag sounds oddly low, that's because it is. At current exchange rates, 1.5 BTC amounts to roughly $168,000, a fraction of the multimillion-dollar sums typically associated with big-ticket ransomware campaigns. Hospitals, energy firms, and even city transport systems have faced extortion notes ten times higher. Whoever is behind this one seems to be thinking small, either because they don't know what they've got or they're hoping the modest ask will increase the chances of someone quietly paying up.
Local media outlets report that sensitive data may already have been accessed, and the Gotland region warned that the attack "may have resulted in sensitive personal data being leaked." Precisely what information is at risk remains unclear, though Gotland states that it uses the software for handling employee data, including medical certificates, rehabilitation plans, and work-related injuries. Miljödata, for its part, says there is "no evidence to suggest" that data has been stolen, according to one university that uses the company's software.
Collection
[
|
...
]