A Swedish company that provides technology solutions for the government revealed that hackers infiltrated a database containing millions of COVID-19 test results. The intruders could have gained access to the data, but InfoSolutions considers the “risk to be very low.”
In a statement published on Monday, InfoSolutions, a company that specializes in information technology services, reported it detected an intrusion into a database that is used by 15 of 21 Sweden’s regions.
InfoSolution and an external security company have identified and solved the issue that led to the intrusion:
“Together with an external security company, InfoSolution has identified and solved what made the intrusion possible. There is no indication that any information has been passed on, but our internal investigation continues,” CEO of the company Alex Stendahl claims in a statement.
Although data has not been changed or deleted, investigators cannot rule out that it was accessed. Social security numbers and likely results of the COVID-19 tests were reportedly accessible for about a day.
The breach was reported by the perpetrators themselves. Although the motive of the breach is not clear, local news media said that the hackers were likely trying to warn the public as there hasn’t been even little damage caused by the breach yet.
InfoSolutions has had its database for digital journals suspended twice due to suspected breaches in recent months. The database is used by Swedish Public Health Agency.
The spread of the pandemic has also affected various health organizations globally. Cyberattacks on hospitals have been reported in various countries. The Irish health service was hit by a ransomware attack in May and had to shut down its IT systems. In January, hackers leaked online the private information of thousands of patients of New Zeland’s Waikato district hospitals.
Many medical devices are vulnerable to exploitation due to their unpatched software and because they are running on unsupported systems.