Back in August, Sweden-based cybersecurity company Gunnebo experienced a data breach. While the company eventually purged the attackers from their system, they did not know just what was stolen. It is now known, however, just what data had been copied as the hackers responsible are leaking the information on the Dark Web. According to the Swedish news service DN, the hackers have roughly 38,000 files belonging to Gunnebo in their possession. These files contain sensitive data on the Swedish parliament, bank vaults, nuclear power plants, and much more. The hackers released the data leak after Gunnebo refused to pay them a ransom.
Gunnebo made a statement on the issue recently. Their goal was to warn their customers and clear up what they deemed misconceptions in media reports. Below is an excerpt from that statement:
In the media reporting on Tuesday it is indicated that the company was not aware that data had been copied in the intrusion. However, this information is incorrect. Ever since the data breach was discovered, Gunnebo has worked based on the hypothesis that files may have ended up in the wrong hands, and thus the company decided a few days into the breach to analyze the data on servers around the world. The company has systematically communicated this with affected customers locally.
Additionally, Gunnebo’s CEO Stefan Syren was adamant about Gunnebo not paying the ransom, leading to the data leak. He left a statement following the official update from the company, which reads in part as follows:
I would like to emphasize that it has never been an alternative for Gunnebo to pay a ransom to have the files deleted. The only way to curb this kind of crime is that the affected organizations do not fall short and pay out ransoms.
Reuters was one of the primary news agencies in the United States to gain an interview with Syren. In a phone call, Gunnebo’s CEO told Reuters that this incident has caused Gunnebo to implement new strategies. Most notable of these are employing an “external IT team” to bolster the company’s overall network security.
Featured image: Flickr/ Richard Patterson