The Swedish Transportstyrelsen (Transport Agency) botched its outsourcing to IBM, uploading its records to IBM's cloud and then emailing cleartext copies to marketing managers, unvetted IBM employees in the Czech Republic and others.
The database contains the names, photos and home addresses of all drivers/car owners in Sweden, and exposes the home addresses of the country's spies, people in witness relocation programs, people on police registries, and "type, model, weight, and any defects in all government and military vehicles, including their operator."
One agency employee, former director general Maria Ågren, was fired and fined, seemingly in connection with the breach.
The breach occurred in 2015, was detected in 2016, and has only just come to the public sphere.
The database is still hosted in IBM's cloud, and the earliest it could be locked down is this autumn.
According to Falkvinge, the leak exposed:
The weight capacity of all roads as well as bridges (which is crucial for warfare, and gives a lot idea about what roads are intended to be used as wartime airfields).
Names, photos, and home addresses of fighter pilots in the Air Force.
Names, photos, and home addresses of everybody in a police register, which are believed to be classified.
Names, photos, and residential addresses of all operators in the military's most secret units that are equivalent to the SAS or SEAL teams.
Names, photos, and addresses of everybody in a witness relocation program, who has been given protected identity for some reasons.
Type, model, weight, and any defects in all government and military vehicles, including their operator, which reveals a much about the structure of military support units.
Swedish authority handed over 'keys to the Kingdom' in IT security slip-up
Sweden Accidentally Leaks Personal Details of Nearly All Citizens [Swati Khandelwal/The Hacker News]
The Electronic Frontier Foundation and Muckrock teamed up to use the Freedom of Information Act to extract the details of 200 US cities' Automated License Plate Recognition camera programs (ALPR), and today they've released a dataset containing all the heretofore secret data on how these programs are administered and what is done with the data […]
"Privacy Not Included" is Mozilla's Christmas shopping (anti)-guide to toys and gadgets that spy on you and/or make stupid security blunders, rated by relative "creepiness," from the Nintendo Switch (a little creepy) to the Fredi Baby monitor (very creepy!).
Government procurement data reveals that US Immigration and Customs Enforcement and the Drug Enforcement Agency have each spent tens of thousands of dollars on products from Houston's Cowboy Streetlight Concealments LLC, which specializes in fake streetlight housings designed to conceal surveillance cameras.
Got a gadget-minded geek on your holiday list this year? Don’t wait for Black Friday. The prices are already dropping on some quality tech toys, and we’ve got a roundup of some of our favorites. Force Flyers DIY Building Block Drone MSRP: $49.99 | Normally: $42.99 | Price Drop: $39.99 (20% Off) Compatible with everybody’s […]
Ever wondered what it takes to make the transition from amateur photography to a full career? If you answered “a better camera,” you’re half right. Before you get the equipment, get the know-how to use it with the Hollywood Art Institute Photography Course & Certification. Taught by experienced pros, this course is geared towards shutterbugs […]
Anyone can learn piano, but don’t tell that to the bored kids who had to endure hours of “Chopsticks” and similar drills in their music lessons. Today, there’s a better way. Pianoforall lets you jump right in to discover what makes music fun, leaving you eager to learn more. In a simple but innovative approach, […]