A shortcoming in the City of Gothenburg’s IT system has made it possible for sensitive information about people who have or have been entitled to, among other things, medical trips, school trips and LSS trips via the municipality to be accessed – by anyone.
The information that has been saved in the system includes names, social security numbers, telephone numbers, e-mail addresses, type of trips, when and where the trips were made and what type of assistance was needed. Information about favorite trips and favorite addresses has also been found in the system.
37,000 letters sent out
This appears in a letter from the City Environmental Administration that was recently sent out to approximately 37,000 people.
– We discovered the deficiency through a self-inspection before Christmas, and the deficiency has now been remedied, says Alexandra Wattwil, press officer at the City Environmental Administration.
Can’t be ruled out
How the deficiency could have arisen and how long the system was open, the administration still has no answer, but deficiencies have been found in two different parts of the IT environment.
People with protected identities are not affected by the issue, according to the mailing. There are also no signs that anyone unauthorized has gained access to any information according to the administration.
“However, we do not have the opportunity to check whether someone unauthorized has access to the personal data and therefore it cannot be ruled out,” the administration writes in the letter.
The administration has reported the incidents to the Swedish Data Protection Authority, which is the authority responsible for matters relating to the storage of digital personal data.
SVT is looking for those responsible at the City Environmental Administration for a comment.
The text is updated.