Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

The Latest Data Breach Is in Sweden

DZone's Guide to

The Latest Data Breach Is in Sweden

Recently, we witnessed one of the worst government cybersecurity snafus in history. Read on to see what can be learned from this incident.

· Security Zone
Free Resource

Discover how to protect your applications from known and unknown vulnerabilities.

We've seen some pretty incredible data breaches in the past couple years, but the latest data breach in Sweden actually jeopardized the vast majority of its citizens. A country-wide data security breach online is new. Up to this point, we'd only seen data breaches for specific political parties or the data of individual politicians. Sweden managed to reveal state secrets, hidden police forces, sensitive military information, and private citizens' faces, addresses, and vehicle registration all at the same time. It's impressive in the worst way possible. To make matters worse, poor handling has made the situation even harder to contain.

Data Breach Scandal

The Swedish Transportation Agency compromised information about every single vehicle in Sweden during a poorly-handled data transfer with IBM. Incredibly sensitive information about not only citizens, but also police and military vehicles went public. This incident may be the worst government security breach online in history.

Not only did this latest data breach compromise national security, but information about individuals in witness protection came to light as well. Even police suspects were revealed. The leak even featured the weight limits for every bridge and road in the country. The civilian damage alone was bad enough. License information, complete with photos and addresses, went public. Data breaches and identity theft go hand in hand, and these kinds of details make the process even easier.

The breach was bad enough without the scandal that followed. Rather than tracking down the emails containing the breached data and demanding cooperation from the marketers who received the data in error, officials sent out an email asking them to simply delete the previous email. There was no follow-up or oversight. Further investigation revealed that IBM employees without proper clearance and background checks had enjoyed access to the data essentially the entire time it was in IBM's possession.

Repercussions

Two cabinet members have left their positions over this latest data breach scandal. Opposing parties joined forces to oust those responsible for not only the breach, but the poor handling that exacerbated the problem. Due to the mishandled situation, authorities believe it will take months to recover and secure the most damaging data exposed in the incident. Until then, Sweden remains at risk. Some of the information, such as the weight limits for roads and bridges, could leave Sweden vulnerable to attacks in the future. Military personnel, include SEAL team leaders, must go home to their families knowing that their photos and addresses were made public. The country is in political turmoil over this scandal, and the consequences could jeopardize national security.

This latest data breach in Sweden was one of the worst government data breaches to happen because of an oversight and poor handling after the fact. The rest of the world can learn a lot from this scandal and take steps to prevent it from happening again. Although this is the latest security breach scandal, it won't be the last one. Those handling or storing sensitive data don't just need to pay attention to preventative measures. This incident demonstrates the importance of a disaster recovery plan painfully well.

Find out how Waratek’s award-winning virtualization platform can improve your web application security, development and operations without false positives, code changes or slowing your application.

Topics:
breach ,security ,cybersecurity ,data security

Published at DZone with permission of Anna Morris, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}