Swedish Health Agency shuts down SmiNet after hacking attempts

The Swedish Public Health Agency (Folkhälsomyndigheten) has shut down SmiNet, the country’s infectious diseases database, on Thursday after it was targeted in several hacking attempts.

SmiNet, which is also used to store electronic reports with statistics on COVID-19 infections, was shut down on Thursday to investigate the attacks and was brought back online on Friday evening.

“The Swedish Public Health Agency has discovered that there have been several attempted intrusions into the SmiNet database. The database has therefore been closed down temporarily,” the agency said on Thursday, May 27.

“Work is underway to investigate as quickly as possible whether anyone may have accessed sensitive personal data from the database, as well as sort out and rectify any deficiencies.”

The Swedish Public Health Agency could not report complete COVID-19 stats starting with Wednesday at 4 PM due to the database shut down.

Additionally, while the investigation on the intrusion attempts is ongoing, no additional updates will be issued.

While no evidence of unauthorized parties accessing sensitive information was found so far, the investigation will take at least a few more days until the reporting process will be restarted.

“The investigation into unauthorized access to sensitive information is still ongoing,” the agency added in an update published today.

“More time is needed to ensure that the statistics are complete, so that a reliable assessment of the epidemiological situation can be made. Therefore, the next update of the statistics on cases of COVID-19 will be on Thursday, June 3.”

“At the moment there is no sign of information being taken out of the database, but the agency is still investigating the incident, as well as looking for (and fixing) any security weaknesses,” a Folkhälsomyndigheten spokesperson told BleepingComputer.

“We taken the incident very seriously and it is reported to the Swedish Police as well as the Swedish Authority for Privacy Protection.”

Health care under siege

The 1177 Swedish Healthcare Guide service for health care information was hit by a data breach two years ago after the company that managed its storage server exposed it to public access on the Internet.

Millions of health care call recordings going back to 2013 were stored on the misconfigured server, exposing callers’ personal info shared during roughly 170,000 hours left out in the open.

European health care has been under attack the last two weeks, with Ireland’s Department of Health (DoH) and publicly funded healthcare system HSE (Health Service Executive) breached by Conti ransomware operators.

According to the Federal Bureau of Investigation (FBI), the Conti ransomware gang has also attempted to breach the networks of more than a dozen U.S. healthcare and first responder organizations.

Source: https://www.bleepingcomputer.com/news/security/swedish-health-agency-shuts-down-sminet-after-hacking-attempts/