The leak happened in September 2015, when the Swedish Transport Agency (STA) decided to outsource the management of its database and other IT services to companies such as IBM in the Czech Republic, and NCR in Serbia.
The entire STA database was uploaded onto cloud servers belonging to these two companies, and some employees got full access to the database, as Sweden fired its IT technicians.
It was only in March 2016 that the Swedish Secret Service realized what happened, and started an investigation, warning other government agencies that unauthorized foreigners were now in control of their IT systems after the STA had bypassed necessary security checks just to expedited the transition to the new IT system as they wanted to fire local IT staff.
According to several Swedish newspapers, the leaked data included:
– Personal details of all persons in Sweden’s
– Personal details of Sweden’s elite military units
– Personal details of Sweden’s fighter pilots
– Personal details of all of Sweden’s pilots and air controllers
– Personal details of all Swedish citizens in a police register
– Details of all Swedish government and military vehicles
– Details about Sweden’s road and transportation infrastructure
All of this data is now under the management of foreign nationals in two countries that have governments with an increasing anti-EU and pro-Russian agenda. Furthermore, IBM allowed contractors in eleven other countries access to the database.
