A cyber attack on the Swedish Transport Agency at the end of February led to information about people with protected identities being handled incorrectly, reports Dagens Nyheter. It is unclear how many were affected.
– The attack not only knocked out the website, but large parts of our IT system, says Mikael Andersson, press manager at the Swedish Transport Agency, to DN.
The attack led to the authority failing to check sensitive information about vulnerable people.
Information about traffic accidents and who has been involved is stored in the Swedish Transport Agency’s database Strada. It must be checked daily so that no people with protected information end up there – but while the attack was going on, the IT system that makes the check was knocked out. The error was discovered on March 2 but had not been rectified until a week after the attack.
– Some types of trouble can take a few days to remedy, Andersson says.
The Swedish Transport Agency does not know how many may have been affected, but the number is estimated at between one and ten. The incident has been reported to both MSB and the Privacy Protection Authority. In addition, a police investigation is underway into the actual IT attack.