The Swedish Public Health Agency has shut down its infectious diseases database SmiNet after it was targeted by hackers on Thursday last week, the agency announced in an update published today.
SmiNet, which is also used to store information on COVID-19 infections, went offline on Thursday due to attacks, but was back online on Friday evening.
“The Swedish Public Health Agency has discovered that there have been several attempted intrusions into the SmiNet database. The database has therefore been closed down temporarily,” the agency said on Thursday, May 27.
The agency is working to investigate if an attacker has accessed the database and to sort out any issues with its systems:
“Work is underway to investigate as quickly as possible whether anyone may have accessed sensitive personal data from the database, as well as sort out and rectify any deficiencies.”
No additional updates will be issued during an investigation, the agency said.
Due to the database’s shut down, the Swedish Public Health Agency was not able to report complete COVID-19 statistics starting Wednesday evening. Although no evidence of unauthorized access was found, the investigation is still ongoing and will take a few more days to conclude and restart the reporting process.
The agency noted that it was investigating an unauthorized access to a sensitive section of its database:
“The investigation into unauthorized access to sensitive information is still ongoing. The incident has been reported to the Police and to the Privacy Protection Authority,” the agency added.
The Swedish Public Health Agency has decided to delay the release of its statistics on COVID-19 cases until June 3.
European health care has been under ransomware attacks the past few weeks, with the Irish Department of Health and the country’s healthcare system HSE (Health Service Executive) among the targets of the attacks.
And in the US, the FBI alerted that the Conti ransomware gang has targeted healthcare industry and first responder services.