The insurance company Trygg-Hansa must pay SEK 35 million in penalty fees, after an inspection by the Privacy Protection Agency, IMY.
Outsiders have been able to access data for 650,000 customers between October 2018 and February 2021, IMY’s review shows.
The data has affected customers’ health, social security number, insurance holdings, contact details and financial information.
IMY believes that the security flaws are so serious that they should have been discovered and remedied before the IT system was introduced.