(Reuters) – The Swedish security company Gunnebo AB said on Tuesday that it was in contact with customers after hackers had released sensitive information about their accounts after its system was compromised two months ago.
Gunnebo said in August that it had reported an attack on its servers to the Swedish security service, after external IT forensics concluded that the attack was well organized.
Three security experts told Reuters that large amounts of leaked data were available for download on the dark web in an 18-gigabyte file, after Dagens Nyheter first reported on Tuesday that information had been released by hackers.
DN said that the published information contained information on security measures for the Riksdag.
A page hosting the download link to leaked data posted by hackers and viewed by Reuters showed a summary of the content, which contained information about Gunnebo's financial information, bank details and passwords and details of customer transactions.
Gunnebo manufactures entrance control systems for buildings including offices and airports.
"What has happened is very unfortunate. We have been exposed to very serious crime, says CEO Stefan Syren to Reuters by phone. "My assessment is that we have had a good level of security, but we must be excellent."
DN said that the material was uploaded to a public server during the second half of September. Mr Syren said the attack began on August 1
Security experts said the hack was part of a ransomware operation called "Mount Locker" where hackers attack corporate systems, unlock data files and encrypt them, blocking access until a ransom is paid, usually in cryptocurrencies like bitcoin.
The hackers had 38,000 files from the Swedish company, with information about customers all over the world, including protection of the Riksdag and drawings of bank vaults, DN reported.
"We are reviewing the material now and in cases where the information is sensitive, we contact the customer," Mr. Syren told DN.
Gunnebo is currently submitting a bid from the investment company Stena Adactum AB and the venture capital company Altor Equity Partners AB, which values Gunnebo at approximately SEK 2.4 billion.
The German conglomerate Thyssenkrupp AG was also the victim of a similar ransomware attack in August.
Thyssenkrupp's system technology in North America received a ransomware threat, said a spokeswoman.
“The company identified and resolved the threat shortly after it was discovered. , She said.
In 2017, the WannaCry ransomware attack disrupted hospitals and businesses worldwide.
"If a company has been attacked by ransomware, you should already assume that data was filtered out before that," a security researcher said. "And when that happens, it's too late to really do anything but harm control." which helps organizations pay for cybercriminals.