Sweden Accidentally Leaks Personal Details of Nearly All Citizens

An anonymous reader quotes a report from The Hacker News: Swedish media is reporting of a massive data breach in the Swedish Transport Agency (Transportstyrelsen) after the agency mishandled an outsourcing deal with IBM, which led to the leak of the private data about every vehicle in the country, including those used by both police and military. The data breach exposed the names, photos and home addresses of millions of Swedish citizen, including fighter pilots of Swedish air force, members of the military's most secretive units, police suspects, people under the witness relocation program, the weight capacity of all roads and bridges, and much more. The incident is believed to be one of the worst government information security disasters ever.

In 2015, the Swedish Transport Agency hand over IBM an IT maintenance contract to manage its databases and networks. However, the Swedish Transport Agency uploaded IBM's entire database onto cloud servers, which covered details on every vehicle in the country, including police and military registrations, and individuals on witness protection programs. The transport agency then emailed the entire database in messages to marketers that subscribe to it. And what's terrible is that the messages were sent in clear text. When the error was discovered, the transport agency merely thought of sending a new list in another email, asking the subscribers to delete the old list themselves.

Re:Helpful tip

[FFOMelchior]

Wi nøt trei a høliday in Sweden this yër?

Seriously?

[CustomSolvers2]

Some pretty descriptive quotes from the linked article:

Swedish Transport Agency uploaded IBM's entire database onto cloud servers

The transport agency then emailed the entire database in messages to marketers that subscribe to it.

were sent in clear text

error was discovered, the transport agency merely thought of sending a new list in another email, asking the subscribers to delete the old list

every conceivable top secret database: fighter pilots, SEAL team operators, police suspects, people under witness relocation.

One of the multiple questions coming to my mind after reading all this is: why are so different types of top-level secret information of a country being stored in the same database?!

Everybody in Sweden!!!....fast...

[martiniturbide]

switch cars with your neighbors.

Marketers subscribe

[tigersha]

> ..the transport agency then emailed the entire database in messages to marketers that subscribe to it.

This sentence makes no sense. What did the marketers subscribe to? The top secret database??!! This must have been quite a large database, I doubt that you can attach and mail it. Who mailed what to whom?

The whole article reads like something Google translate did on a day when the server was drunk or half asleep.

Re:This is why the US need a smaller government...

[Solandri]

You joke, but when a corporation screws up, you can sue it, you can quit buying their products, you can convince your friends to stop supporting it.

When the government screws up, you're stuck with it (short of revolution). In fact the way a lot of government union employment contracts are structured, you can't even fire the people responsible for the screwup.

I've never bought into the claim that all government is good and all corporations bad. Nor have I bought into the claim that all corporations are good and all government is bad. Both can do good things, both can do bad things. The trick is figuring out which things one tends to do better than the other, and giving the job to the more capable entity.

Re:Helpful tip

[93+Escort+Wagon]

See the løveli lakes
The wonderful telephøne system
And mani interesting furry animals
Including the majestic møøse.

Re:Shouldn't matter to Swedes, since...

[uffe_nordholm]

You are right in that Sweden and Norway are culturally very similar. But I think you are wrong about this leak.

If the rest of the world can see details about every single driving licence ever issued in Sweden, I see no real harm. But this leak has (at least potentially) exposed things like which vehicles the secret army units have (and how many of them), who the Swedish combat pilots are and where they live, which roads and bridges can support which vehicle types (good to know when invading a country, so the road you drive on doesn't suddenly collapse under the load).

Apart from a lot more discussion than is normal about a political issue in Sweden, the only real thing that has happened is that the director responsible for this has been fired and fined some three weeks worth of wages. My personal opinion is that she should have been tossed in prison and left to rot there, this leak may have damaged Sweden much more than all spies that have ever operated in Sweden in the past.

My sources: a lot of reports in Swedish media.
Full disclosure: I live in Sweden and am a Swedish native.

Re:Old news?

[e5150]

The crime she committed ("Recklessness with secret documents") carries a maximum penalty of one year in prison (BrB 19 kap. Â9). And altough I wouldn't mind seeing her spending some time behind bars, after having read (the redacted, non-juicy, parts of) the Secret service investigastion, I wouldn't really put the blame on her.
The whole mess started before she was appointed director of the agency, she seems to basically have been brought in and told: "Sign these documents, otherwise the outsourcing is gonna be delayed even further".
I would like to see a lot more heads roll before this story gets filed away.

Re:This is why the US need a smaller government...

[Altrag]

You can sue the government in many democracies. Not sure if Sweden is one of those places, but its certainly not something you can arbitrarily claim without looking into it. (Whether its useful to sue the government is another question of course..)

and giving the job to the more capable entity

Unfortunately neither organization has mastered preventing human error, so while you're not incorrect.. your statement is rather irrelevant to "someone f'd up," no matter how big an f they upped.

Re:This is why the US need a smaller government...

[Roger+W+Moore]

When the government screws up, you're stuck with it (short of revolution).

I don't know where you live but around here we have these things called elections which let us change governments without all the shooting, rioting and deaths of a typical revolution. You should try them, they aren't fantastic but they are a lot better than the alternative.

Re:This is why the US need a smaller government...

[Immerman]

$#@! 'em. And good on you for finding something that tilts the tide and sticking to it. Any idiot can get fast, satisfying results for a little while - it takes determination and vision to accept that what took years to put on will take years to take off. Best of luck in maintaining your vision and embracing your needed lifestyle changes.

An old friend of mine had a sailing metaphor philosophy on life - as long as you can keep trending in the right direction you'll get where you want to go. The important thing is to keep your hand on the wheel and not let yourself get discouraged when you occasionally get blown off course.

Re:I see how it is

[Z00L00K]

Even worse - the responsible people were told that the transfer was even an illegal move by the internal revision people of that department but they moved ahead anyway. Responsible ministers kept silent and didn't even inform the prime minister of this.

Nothing less than a public flogging would be suitable.

Re: This is why the US need a smaller government..

[KGIII]

Not really, no. The water levels are low for reasons other than global warming. The aquifer is nearly depleted due to overuse and drought. None of those is directly related to climate change. The depletion is definitely due to humans, however. The river should also be fed be aquifer. It isn't. We used the water to grow food and lawns.

Don't blame Sweden

[Dareth]

Don't blame Sweden, they thought the cloud was wearing a condom.