The Swedish Public Health Agency was forced to shut down its infectious diseases database, named SmiNet, in response to a series of hacking attempts. The Swedish Agency cannot report complete data from Wednesday at 4 pm until the investigation on the intrusion attempts will be completed.
SmiNet is used to store electronic reports of COVID-19 infectious that are subject to notification in accordance with the Communicable Diseases Act.
The Swedish Public Health Agency shut down the system on Thursday to investigate the hacking attempts. The authorities reported the incident to the Police and to the Privacy Protection Authority.
“The Swedish Public Health Agency has discovered that there have been several attempted intrusions into the SmiNet database. The database has therefore been closed down temporarily.” reads the report published by the agency. “The public health authority takes the incident very seriously. There is still no indication that any information has fallen into the wrong hands, but the investigation is still ongoing.”
At the time of this writing, it is still unclear if the attackers had access to sensitive data, the investigation is still ongoing.
“More time is needed to ensure that the statistics are complete, so that a reliable assessment of the epidemiological situation can be made. Therefore, the next update of the statistics on cases of covid-19 will be on Thursday, June 3. Data from care providers and laboratories are then estimated to have been reported and analyzed.” reads the press release published by the Agency. “The investigation into unauthorized access to sensitive information is still ongoing.”
(SecurityAffairs – hacking, COVID-19)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.