The Latest Data Breach Is in Sweden
The Latest Data Breach Is in Sweden
Recently, we witnessed one of the worst government cybersecurity snafus in history. Read on to see what can be learned from this incident.
Join the DZone community and get the full member experience.Join For Free
Learning by doing is more effective than learning by watching - that’s why Codebashing offers a hands-on interactive training platform in 10 major programming languages. Learn more about AppSec training for enterprise developers.
We've seen some pretty incredible data breaches in the past couple years, but the latest data breach in Sweden actually jeopardized the vast majority of its citizens. A country-wide data security breach online is new. Up to this point, we'd only seen data breaches for specific political parties or the data of individual politicians. Sweden managed to reveal state secrets, hidden police forces, sensitive military information, and private citizens' faces, addresses, and vehicle registration all at the same time. It's impressive in the worst way possible. To make matters worse, poor handling has made the situation even harder to contain.
The Swedish Transportation Agency compromised information about every single vehicle in Sweden during a poorly-handled data transfer with IBM. Incredibly sensitive information about not only citizens, but also police and military vehicles went public. This incident may be the worst government security breach online in history.
Not only did this latest data breach compromise national security, but information about individuals in witness protection came to light as well. Even police suspects were revealed. The leak even featured the weight limits for every bridge and road in the country. The civilian damage alone was bad enough. License information, complete with photos and addresses, went public. Data breaches and identity theft go hand in hand, and these kinds of details make the process even easier.
The breach was bad enough without the scandal that followed. Rather than tracking down the emails containing the breached data and demanding cooperation from the marketers who received the data in error, officials sent out an email asking them to simply delete the previous email. There was no follow-up or oversight. Further investigation revealed that IBM employees without proper clearance and background checks had enjoyed access to the data essentially the entire time it was in IBM's possession.Repercussions
Two cabinet members have left their positions over this latest data breach scandal. Opposing parties joined forces to oust those responsible for not only the breach, but the poor handling that exacerbated the problem. Due to the mishandled situation, authorities believe it will take months to recover and secure the most damaging data exposed in the incident. Until then, Sweden remains at risk. Some of the information, such as the weight limits for roads and bridges, could leave Sweden vulnerable to attacks in the future. Military personnel, include SEAL team leaders, must go home to their families knowing that their photos and addresses were made public. The country is in political turmoil over this scandal, and the consequences could jeopardize national security.
This latest data breach in Sweden was one of the worst government data breaches to happen because of an oversight and poor handling after the fact. The rest of the world can learn a lot from this scandal and take steps to prevent it from happening again. Although this is the latest security breach scandal, it won't be the last one. Those handling or storing sensitive data don't just need to pay attention to preventative measures. This incident demonstrates the importance of a disaster recovery plan painfully well.
Published at DZone with permission of Anna Morris , DZone MVB. See the original article here.
Opinions expressed by DZone contributors are their own.