Pierluigi Paganini
July 23, 2017
Sweden might be the scenario for the worst known governmental leak ever, the Swedish Transport Agency moved all of its data to “the cloud,” but it transferred it to somebody else’s computer.
The huge trove of data includes top secret documents related to the fighter pilots, SEAL team operators, police suspects, people under witness relocation.
“The responsible director has been found guilty in criminal court of the whole affair, and sentenced to the harshest sentence ever seen in Swedish government: she was docked half a month’s paycheck.” wrote PrivacyNewsOnline.
Full data of top-secret governmental individuals, including photo, name, and home address, was leaked.
Director General Maria Ågren in Sweden was fined half a month’s salary in a very short trial.
Further investigation in the governmental data leak revealed that the Swedish Transport Agency moved all its data to “the cloud”, as managed by IBM, two years ago, but suddenly the Director General of the Transport Agency, Maria Ågren, was quickly retired from her position in January 2017.
On July 6 it was disclosed the news that the Director was found guilty of exposing classified information in a criminal court of law.
“But on July 6th, she is known to be secretly investigated to have cleared confidential information. According to the Security Unit for Security Objectives, the data may damage the security of the country. She is ordered to pay 70,000 kronor in daily fines.” reported the website SvtNyHeater.se.
“Among other things, the entire Swedish database of driving license photos has been available to several Czech technologies, which have not been tested for security. This means that neither the SÄPO nor the Transport Agency had control over the persons who handled the information that could be said to damage the security of the country.“
Leaked data included information related to people in the witness protection program and similar programs. This information was wrongly included in the register distributed outside the Agency as part of a normal procedure. Another unacceptable mistake was discovered by the investigators when a new version without the sensitive identities was distributed, the Agency did not instruct recipients of destroying the old copy.
“Last March, the entire register of vehicles was sent to marketers subscribing to it. This is normal in itself, as the vehicle register is public information, and therefore subject to Freedom-of-Information excerpts.” continues the Swedish website. “What was not normal were two things: first, that people in the witness protection program and similar programs were included in the register distributed outside the Agency, and second, when this fatal mistake was discovered, a new version without the sensitive identities was not distributed with instructions to destroy the old copy. Instead, the sensitive identities were pointed out and named in a second distribution with a request for all subscribers to remove these records themselves. This took place in open cleartext e-mail.”
Sensitive data on Swedish vehicles was released to companies with no security clearance. Credit: Jonas Ekströmer/TT
Leaked information is precious data for a foreign government in an Information warfare scenario, data includes records of fighter pilots in the Air Force, policemen, and members of the military’s most secret units.
The archive also includes any kind of information about any government and military vehicle, including their “operator, which says a ton about the structure of military support units;”
The PrivacyNewsOnline confirmed that the governmental data leak is still ongoing and that it can be expected to be fixed “maybe this fall”.
“Much of the available analysis of the leak is still in the form of fully-redacted documents from the Security Police and similar agencies.” concluded the news agency.
[adrotate banner=”9″]
(Security Affairs – (Sweden governmental leak, Swedish Transport Agency)
[adrotate banner=”13″]
