Massive data breach a 'national security risk'
Ann Törnkvist · 30 Oct 2013, 10:28
Published: 30 Oct 2013 10:28 GMT+01:00
- Police rapped for 'lack of clarity' in Roma probe (29 Oct 13)
- Clinic slammed for 'non- Nordic' baby register (11 Oct 13)
- Swedish school told to halt Google cloud service (17 Sep 13)
The Dagens Nyheter (DN) newspaper, which made the discovery, reported on Wednesday that there were signs that intruders had tried to access medical journals.
The medical log system Take Care, which is used by hospitals and general practices both in Stockholm County and on the island of Gotland, experienced several technical malfunctions this past summer. Several journals were simply connected straight to the internet without a firewall on the central servers, several sources told DN.
The security lapse persisted for eight months, allowing outsiders to access the system. While sources told the newspaper that there were signs of attempted breaches, Stockholm County deputy administrative head Anders Nyström demented the claim.
"There are no indications that someone without the right to access the information has gained entry to any sensitive information," he told DN. The county has asked three independent consultants to examine the breach and report back.
Not all observers were equally sanguine about the news.
"This puts national security at risk," said the Swedish Medical Association's (Läkarförbundet) IT expert Rikard Lövström.
"For eight months, anybody could have waded into any patient journal, probably even including people in the royal family and other people who lead the country."