Thought Leadership
A devastating ransomware attack on the IT service provider Miljödata paralyzed around 200 municipalities and regions at the weekend. The attackers gained access to highly sensitive health data and are now extorting a Bitcoin ransom.
A nightmare scenario for digital administration is becoming a bitter reality in Sweden: last Saturday, unknown cyber criminals struck and put hundreds of municipalities and regions into a state of digital emergency with a single targeted attack. The target: the IT service provider Miljödata, whose servers provide critical administrative services for a large part of the Scandinavian country.
Widespread outages throughout Sweden
The affected local authorities include Region Gotland, Region Halland and the municipalities of Kalmar, Varberg, Umeå, Luleå, Kiruna, Mönsterås, Karlstad and Skellefteå. Region Gotland confirmed in a press release: “Region Gotland is one of many regions and municipalities affected by the cyber attacks on Miljödata. Extensive investigations are currently underway at Miljödata to determine the extent of the attack.”
The attack led to significant system failures, as Miljödata isolated affected systems as a security measure. Since then, many municipal services have been unavailable, which has had a significant impact on the everyday lives of citizens in the affected areas.
Sensitive health data compromised
The attackers are said to have gained access to a large amount of personal data, including medical certificates, rehabilitation plans, documentation on accidents at work and other health information. However, the full extent of the data theft is not yet known.
According to Swedish media reports, the as yet unknown attackers are demanding a ransom of 1.5 Bitcoin – the equivalent of around 144,000 euros. So far, no ransomware group has publicly claimed responsibility for the attack.
Authorities react in a coordinated manner
The Swedish government reacted immediately. Civil Defense Minister Carl-Oskar Bohlin emphasized on X (formerly Twitter): “The extent of the incident has not yet been determined, and it is too early to assess the actual consequences. Regardless of this, the government takes questions about cyber attacks and IT incidents very seriously.”
The Computer Emergency Response Team Sweden (CERT-SE) offers advice and support to both the affected company and its customers. The National Cyber Security Center (NCSC) coordinates the measures taken by the relevant authorities.
