Some Swedish shops start to reopen after hacker attack

TT/The Local
TT/The Local - [email protected]
Some Swedish shops start to reopen after hacker attack
The Akira group, with suspected ties to Russia, is believed to be behind the attack. Photo unrelated to story: Thomas Winje Øijord/Scanpix via TT

Some shops were able to reopen on Tuesday after a ransomware attack on a data centre over the weekend, while a number of other businesses and authorities were still working to get back online.


Over 100 stores in the Granngården chain of garden stores and pet supply shops were closed for three days due to the hacker attack against data centre Tietoevry, which disabled their entire shop network and website.

On Tuesday morning, 11 were able to reopen, with more to follow.

“Since 9am this morning we’ve been able to open shop by shop, and there are new shops reopening constantly,” Fredrik Björk, the company's sales chief, told TT newswire.

“Although, they’re not fully functional. The shops are open with card payments only, you can’t redeem gift cards, for example, but customers can buy food for their dogs and cats,” he said.

Björk added that the aim is to reopen all shops by the end of the day.


“We’ve found a way to avoid going through Tietoevry’s damaged servers and have been working on this since Saturday. The focus has been on finding secure and stable solutions which are reliable for the customer. Considering the situation, it should really have taken a number of weeks, but thanks to the intense work it’s taken three days.”

For Granngården, it hasn’t been possible to carry out any transactions at all, be that in store or online.

“It’s obviously hit us hard to be closed for three days but we can’t give any details. Reopening our shops doesn’t end this issue for us, the next focus is going to be on sales of goods, getting new goods out to shops,” he said.

Other groups affected by the attack, like cinema chain Filmstaden and local authorities such as Vellinge in southern Sweden, were still working to solve the issue on Tuesday.

Filmstaden was unable to accept payments online or in person, with cinema-goers only able to pay for their tickets via the Swish payment service, while Vellinge's website was still down at lunchtime on Tuesday.

Tietoevry said it had reported the attack to police and urged its customers to do the same.

“We are fully focused on this and are in regular contact with the customers and their IT departments. Our tech teams are working hard to restore the servers,” Tietoevry's spokesperson, Alexandra Kärnlund, told TT on Monday, adding she couldn’t say when they would be back up.


The IT company has confirmed that the hacker group Akira, which appears to be linked to Russia, is responsible for the attack.

"We can confirm that Akira is behind it," the data company's head of communications, Alexandra Kärnlund, told Svenska Dagbladet (SvD).

According to security expert Mattias Wåhlen, who the newspaper interviewed, there is no doubt that the group is tied to Russia.

"Almost all groups carrying out this type of attack are from Russia," he told SvD. "There are clear rules, the most important is that they are not allowed to attack targets in Russia, but only in the west."

Other retailers affected by the attack included discount chain Rusta and sportswear chain Stadium - whose websites were still down on Tuesday afternoon - as well as state-owned alcohol monopoly Systembolaget.


Join the conversation in our comments section below. Share your own views and experience and if you have a question or suggestion for our journalists then email us at [email protected].
Please keep comments civil, constructive and on topic – and make sure to read our terms of use before getting involved.

Please log in to leave a comment.

See Also